[olug] port scan from dns?????????

Vincent vraffensberger at home.com
Thu Feb 15 06:36:27 UTC 2001 

I was reading the addresses wrong and thought your DNS server was trying
to open a connection to your system on port 53 instead...

Phil Brutsche wrote:
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> A long time ago, in a galaxy far, far way, someone said...
> 
> > I wouldn't be concerned with it.  It may be a misconfigured DNS server
> > or some feature if it's MS-DNS.  Here's some nice fw rules I came across
> > today though:
> >
> > http://www.linux.com/tuneup/database.phtml/Networking/2192.html
> 
> Yes, it's nothing to worry about.  But no, it's not from a misconfigured
> DNS server, nor is it from a MS-DNS server.
> 
> Sometimes, after a connection is closed, there are some packets still on
> the way.
> 
> These are those leftovers.
> 
> That's my best explanation, at least :)  Someone with a better
> understanding of IP networking would be able to explain it better.
> 
> > > Feb 14 22:16:06 p120 kernel: Packet log: input DENY ppp0 PROTO=17 198.83.19.241:53 209.252.176.29:1025 L=120 S=0x00 I=10684 F=0x0000 T=26 (#13)
> > > Feb 14 22:16:11 p120 kernel: Packet log: input DENY ppp0 PROTO=17 198.83.19.244:53 209.252.176.29:1025 L=120 S=0x00 I=50131 F=0x0000 T=60 (#13)
> > > Feb 14 22:16:12 p120 kernel: Packet log: input DENY ppp0 PROTO=6 208.216.183.15:80 209.252.176.29:4634 L=48 S=0x00 I=21188 F=0x4000 T=52 (#13)
> 
> - --
> - ----------------------------------------------------------------------
> Phil Brutsche                                   pbrutsch at creighton.edu
> 
> GPG fingerprint: BDA4 C23C 1989 31FF CBE8  7EB4 6CA7 9636 941E 8451
> GPG key id: 941E8451
> GPG public key: http://www.creighton.edu/~pbrutsch/public-key.asc
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.4 (GNU/Linux)
> Comment: Made with pgp4pine
> 
> iD8DBQE6i2itbKeWNpQehFERArHIAJ9Y0VrnYf3s6dg9no5snIwcSxLaPACfXyJM
> huZMz/lEWoo488So441B3yg=
> =MS3x
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: olug-unsubscribe at bstc.net
> For additional commands, e-mail: olug-help at bstc.net

---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net

More information about the OLUG mailing list