'Re: Strange log entries'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gauntlet-user
Subject:    Re: Strange log entries
From:       Sai Ganesamoorthi <sai () paranet ! com>
Date:       1997-10-24 17:26:44
[Download RAW message or body]

Hi,

Is there a correction for this.

Sai Ganesamoorthi	
UNIX Systems Administrator	
Sprint Paranet	
Email: sai@paranet.com
Jim Jones wrote:
> 
> Could it be TFTP?  TFTP session looks like this:
> 
> (All traffic is UDP, the numbers represent port numbers where RND is
> a random port.  Numbers follow the RND ports to show that a
> particular RND port is being used.  This random port is not
> necessarily greater than 1024.)
> 
> client            server
>  RND.1    -->       69
>  RND.1    <--      RND.2
> 
> It is this RND.2 to RND.1 packet that you may be seeing.
> 
> --Jim
> 
> > Date:          Fri, 24 Oct 1997 10:32:51 -0500 (CDT)
> > Reply-to:      gauntlet-user@mail.rmsbus.com
> > From:          pveenbaa@rollerblade.com
> > To:            jim.jones@gtri.gatech.edu
> > Subject:       Strange log entries
> 
> > Greetings,
> >
> > Anyone have an idea of what's happening here:
> >
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to  A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to  A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to  A.B.C.D on unserved port 1145
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> > Oct 23 21:24:46 firewall kernel: securityalert: udp from
> > 200.254.63.131:3662 to  A.B.C.D on unserved port 1145
> > Oct 23 21:24:47 firewall kernel: securityalert: udp from
> > 200.254.63.131:3577 to  A.B.C.D on unserved port 2955
> >
> > Where A.B.C.D is the address of our firewall's outside I/F
> >
> > Thanks in advance
> >
> > Pete Veenbaas
> >
> > Pete.Veenbaas@rollerblade.com
> > Rollerblade, Inc
> > Reasearch & Development
> > (612) 930-7287
> >
> >
> >

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic