From owner-freebsd-security Fri Mar 10 19:19: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from backup.af.speednet.com.au (af.speednet.com.au [202.135.188.244]) by hub.freebsd.org (Postfix) with ESMTP id A749437BBB3 for ; Fri, 10 Mar 2000 19:18:43 -0800 (PST) (envelope-from andyf@speednet.com.au) Received: from backup.af.speednet.com.au (andyf@backup.af.speednet.com.au [172.22.2.4]) by backup.af.speednet.com.au (8.9.3/8.9.3) with ESMTP id OAA54394 for ; Sat, 11 Mar 2000 14:18:14 +1100 (EST) (envelope-from andyf@speednet.com.au) Date: Sat, 11 Mar 2000 14:18:13 +1100 (EST) From: Andy Farkas X-Sender: andyf@backup.af.speednet.com.au To: freebsd-security@freebsd.org Subject: security check output In-Reply-To: <200003101459.BAA03095@zippyii.af.speednet.com.au> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This may belong on -questions... How is it possible that I get connection attempts from outside my private subnet? My main concern is how the heck do these packets get routed to my workstation? I'm sure there are routers in between that drop RFC1918 addresses.. > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to TCP 172.22.2.9:1503 from 216.35.209.171:80 > > Connection attempt to UDP 172.22.2.9:1248 from 172.22.2.4:53 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1595 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1596 from 210.171.226.42:80 > > Connection attempt to TCP 172.22.2.9:1624 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1625 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1625 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1624 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1625 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1624 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1625 from 203.41.115.120:80 > > Connection attempt to TCP 172.22.2.9:1624 from 203.41.115.120:80 -- :{ andyf@speednet.com.au Andy Farkas System Administrator Speednet Communications http://www.speednet.com.au/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message