Hi all,
How to find a program who call an ip block?
How to find program who call "207.218.xxx.xxx " in this log?
Mar 2 05:11:52 kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=207.44.xxx.xxx DST=207.218.xxx.xxx LEN=44
TOS=0x00 PREC=0x00 TTL=64 ID=17668 DF PROTO=TCP SPT=38197 DPT=53 WINDOW=5840 RES=0x00 SYN URGP=0
Feb 24 04:55:18 named[1924]: client 207.218.xxx.xxx#1433: error sending response: host unreachable
Feb 24 06:41:59 kernel: ** OUT_TCP DROP ** IN= OUT=eth0 SRC=207.44.xxx.xxx DST=207.218.xxx.xxx LEN=44
TOS=0x00 PREC=0x00 TTL=64 ID=29728 DF PROTO=TCP SPT=39512 DPT=53 WINDOW=5840 RES=0x00 SYN URGP=0
Thanks
Full Version: How to find a program?
You really can't. At least not easily... from the src/dest ports, it looks like your server was just querying a resolver, or nameserver...
QUOTE (jjhurani @ Mar 7 2008, 01:53 AM) 
You really can't. At least not easily... from the src/dest ports, it looks like your server was just querying a resolver, or nameserver...
Ok, thank you.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.