Site Navigation

Date:      Mon, 16 Jul 2001 18:17:21 +0600
From:      Ivan <ivan@al3ks4ndr0v.net>
To:        security@freebsd.org
Subject:   log message.
Message-ID:  <178309637.20010716181721@al3ks4ndr0v.net>

---

next in thread | raw e-mail | index | archive | help

---

Socks5 v1.0r11 listend on 6667 port
permit only 192.168.1.0/24.
also firewalled.
I receive messages from log:

Jul 16 13:16:39 bsd ircd[80482]: Connect to *[192.168.3.2] @192.168.3.2

# netstat -na
Proto Recv-Q Send-Q  Local Address          Foreign Address       
(state)
tcp4       0      0  192.168.1.1.3600     192.168.3.2.6667     SYN_SENT

add in ipfw list:
04000       0          0 deny ip from 192.168.3.2 to any

# traceroute 192.168.3.2
traceroute to 192.168.3.2 (192.168.3.2), 30 hops max, 40 byte packets
 1  192.168.10.5 (192.168.10.5)  1.237 ms  1.121 ms  1.083 ms
 2  192.168.0.2 (192.168.0.2)  2.805 ms  2.578 ms  2.554 ms
 3  192.168.10.5 (192.168.10.5)  4.819 ms  2.690 ms  3.085 ms
 4  192.168.0.2 (192.168.0.2)  4.039 ms  4.212 ms  4.069 ms
 5  192.168.10.5 (192.168.10.5)  4.077 ms  9.975 ms  4.082 ms
 6  192.168.0.2 (192.168.0.2)  5.594 ms  5.762 ms  5.456 ms
 7  192.168.10.5 (192.168.90.5)  5.590 ms  5.614 ms  11.071 ms
 8  192.168.0.2 (192.168.0.2)  7.042 ms  7.079 ms  6.866 ms
 9  192.168.10.5 (192.168.90.5)  6.934 ms  7.740 ms  6.921 ms
10  192.168.0.2 (192.168.0.2)  13.574 ms  8.517 ms  8.965 ms
11  192.168.10.5 (192.168.90.5)  8.649 ms  8.824 ms  8.886 ms
12  192.168.0.2 (192.168.0.2)  14.828 ms  9.912 ms  9.815 ms
..........

# ping 192.168.3.2      
PING 192.168.3.2 (192.168.3.2): 56 data bytes
36 bytes from 192.168.10.5: Time to live exceeded
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 5400 612a   0 0000  01  01 1fe5 192.168.1.1  192.168.3.2 

Jul 16 13:26:39 bsd ircd[80482]: Connect to *[192.168.3.2] @192.168.3.2

# netstat -na
Proto Recv-Q Send-Q  Local Address          Foreign Address       
(state)
tcp4       0      0  192.168.1.1.3601     192.168.3.2.6667     SYN_SENT

what this?
help..
  
-- 
Best regards,
 Ivan                          mailto:ivan@al3ks4ndr0v.net



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?178309637.20010716181721>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact