[prev in list] [next in list] [prev in thread] [next in thread]
List: gauntlet-user
Subject: Re: Strange log entries
From: Sai Ganesamoorthi <sai () paranet ! com>
Date: 1997-10-24 17:26:44
[Download RAW message or body]
Hi,
Is there a correction for this.
Sai Ganesamoorthi
UNIX Systems Administrator
Sprint Paranet
Email: sai@paranet.com
Jim Jones wrote:
>
> Could it be TFTP? TFTP session looks like this:
>
> (All traffic is UDP, the numbers represent port numbers where RND is
> a random port. Numbers follow the RND ports to show that a
> particular RND port is being used. This random port is not
> necessarily greater than 1024.)
>
> client server
> RND.1 --> 69
> RND.1 <-- RND.2
>
> It is this RND.2 to RND.1 packet that you may be seeing.
>
> --Jim
>
> > Date: Fri, 24 Oct 1997 10:32:51 -0500 (CDT)
> > Reply-to: gauntlet-user@mail.rmsbus.com
> > From: pveenbaa@rollerblade.com
> > To: jim.jones@gtri.gatech.edu
> > Subject: Strange log entries
>
> > Greetings,
> >
> > Anyone have an idea of what's happening here:
> >
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to A.B.C.D on unserved port 1145
> > Oct 23 21:24:47 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to A.B.C.D on unserved port 2955
> >
> > Where A.B.C.D is the address of our firewall's outside I/F
> >
> > Thanks in advance
> >
> > Pete Veenbaas
> >
> > Pete.Veenbaas@rollerblade.com
> > Rollerblade, Inc
> > Reasearch & Development
> > (612) 930-7287
> >
> >
> >
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic