Arcady Genkin <[EMAIL PROTECTED]> writes: I've checked my logs and discovered that exactly the same thing happened exactly a week ago at the same hour. The same IP too. The regularity for me implies that it could be a routine my ISP is running weekly. Also, the IP is in my ISP's domain.
Is that practice accepted anywhere else, or is it just my ISP's invention (assuming I'm correct to say that it *is* the ISP and not some CrAcKeR dUdE)? FWIW I've posted enire extracts from the logs of April 27 and April 20 at http://www3.sympatico.ca/genkin/daemon.log I've also complained to [EMAIL PROTECTED] Thanks for any input. > To continue my new Linux user paranoia, I have just noticed in > xconsole that someone's been trying to connect to every port from port > 2 thru 1024. It looks like this: > Apr 27 20:03:09 main tcplogd: tcpmux connection attempt from [EMAIL > PROTECTED] [206.47.37.4] > Apr 27 20:03:09 main tcplogd: port 2 connection attempt from [EMAIL > PROTECTED] [206.47.37.4] > Apr 27 20:03:09 main tcplogd: port 3 connection attempt from [EMAIL > PROTECTED] [206.47.37.4] > Apr 27 20:03:09 main tcplogd: port 4 connection attempt from [EMAIL > PROTECTED] [206.47.37.4] > ... > ... > Apr 27 20:08:13 main tcplogd: port 1024 connection attempt from [EMAIL > PROTECTED] [206.47.37.4] -- Arcady Genkin "I opened up my wallet, and it's full of blood..." - GsYDE
