Help - Search - Members - Calendar
Full Version: These ips Server Matrix? They keep getting onto my firewall.
The Planet Forums > Security > General Security > UNIX Security
BeerUser
Apr 18 2004, 06:52 AM
Apr 18 22:07:21 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=62211 DF PROTO=TCP SPT=1030 DPT=2745 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 22:07:21 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=62213 DF PROTO=TCP SPT=1032 DPT=1025 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 22:07:24 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=62542 DF PROTO=TCP SPT=1032 DPT=1025 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 22:07:24 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=62548 DF PROTO=TCP SPT=1030 DPT=2745 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 22:07:30 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=63035 DF PROTO=TCP SPT=1032 DPT=1025 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 22:07:30 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=69.149.24.8 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=63038 DF PROTO=TCP SPT=1030 DPT=2745 WINDOW=16384 RES=0x00 SYN URGP=0



Apr 18 21:00:09 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=151.118.0.5 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=114 ID=1727 DF PROTO=TCP SPT=1362 DPT=6129 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 21:00:09 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=151.118.0.5 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=114 ID=1730 DF PROTO=TCP SPT=1365 DPT=6129 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 21:00:09 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=151.118.0.5 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=114 ID=1733 DF PROTO=TCP SPT=1368 DPT=6129 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 21:00:09 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=151.118.0.5 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=114 ID=1736 DF PROTO=TCP SPT=1371 DPT=6129 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 18 21:00:09 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=151.118.0.5 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=114 ID=1739 DF PROTO=TCP SPT=1374 DPT=6129 WINDOW=16384 RES=0x00 SYN URGP=0


Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59486 DF PROTO=TCP SPT=2991 DPT=2745 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59510 DF PROTO=TCP SPT=3001 DPT=1025 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59513 DF PROTO=TCP SPT=3008 DPT=6129 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:38 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=63435 DF PROTO=TCP SPT=2991 DPT=2745 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:38 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67


Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59486 DF PROTO=TCP SPT=2991 DPT=2745 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59510 DF PROTO=TCP SPT=3001 DPT=1025 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:31 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=59513 DF PROTO=TCP SPT=3008 DPT=6129 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:38 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67.18.xx.xx LEN=48 TOS=0x04 PREC=0x00 TTL=117 ID=63435 DF PROTO=TCP SPT=2991 DPT=2745 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 18 07:53:38 server kernel: ** IN_TCP DROP ** IN=eth0 OUT= MAC=00:0d:61:b2:43:8a:00:0f:23:8b:bb:ff:08:00 SRC=67.65.132.186 DST=67
BeerUser
Apr 18 2004, 06:55 AM
Im thinking someone is scanning me and they from the servermatrix network also? Unless good old servermatrix is doing it to me... but i did choose silver on sign up but havent filled out the form on which things to ping up on me yet?? :S

They seem to be coming from the 105.* 67.* 65.* at like 30mins time and usally do all my 5 ips i have.
clearsignal
Apr 18 2004, 08:10 AM
Those 67.65.132.186 ip's appear to be coming from swbell.net not Server Matrix (similar ip's but alas not the same).

Your firewall is doing it's job, showing you all the packets it's dropped...expect a few hundred, if not a thousand more before the day is done :shock: .
damainman
Apr 18 2004, 10:40 AM
What firewall are you using?
BeerUser
Apr 18 2004, 10:45 AM
apf
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2010 Invision Power Services, Inc.