Ok,
I know that I am asking many small questions ... I am seeing this
since I have installed the firewall as I have put maximum
logging. The address 207.253.63 is using port 110 (pop3). Could
they be using my computer as a relay for spam?
Mar 5 03:00:06 rlevesque kernel: Packet log: input ACCEPT eth0 PROTO=6
207.253.6.3:110 24.203.96.163:1091 L=60 S=0x00 I=55621 F=0x4000 T=57 (#2)
Mar 5 03:00:06 rlevesque kernel: Packet log: input ACCEPT eth0 PROTO=6
207.253.6.3:110 24.203.96.163:1091 L=149 S=0x00 I=55636 F=0x4000 T=57 (#2)
Mar 5 03:00:06 rlevesque kernel: Packet log: input ACCEPT eth0 PROTO=6
207.253.6.3:110 24.203.96.163:1091 L=88 S=0x00 I=55637 F=0x4000 T=57 (#2)
whois returns
NS2.OP-PLUS.NET
NS1.OP-PLUS.NET
NS1.WEBDENT.COM
NAME2.WEBARCHITECTPRO.COM
NAME1.WEBARCHITECTPRO.COM
This all points to www.networksolutions.com which is a web hosting
service ... Thus two web hosting service are in my logs --- the
other one being www.opensrs.org. I think I should be very
suspicious.
Thanks
--
Dominic Mitchell
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
