In the midst of a fishing expedition looking for running portmappers
on a client's class C, I found the following:
May 25 09:03:41 <firewall> kernel: IP fw-in deny ppp0 TCP
<attacker.edu>:42704:111 L=44 S=0x00 I=28865 F=0x0040 T=239
Any clues? Could this just be a kernel glitch that caused the space
and the dest. address to be omitted? Looking at the code, I can't
see that it could be anything else..
Any comments are greatly appreciated.
-Joshua
--------
Joshua Heling jrh@securepipe.com
SecurePipe Communications, Inc.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.rutgers.edu