Re: Cryptic message...

2002-09-20 Thread Francisco Neira
Andreas Hansson wrote: >>>kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 >>>SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 >> > ID=14090 > >>>PROTO=ICMP TYPE=3 CODE=3 [SRC=204.144.132.162 DST=210.11.68.47 LEN=121 >> > TOS=0x00 > >>>PREC=0x00 TTL=248 ID

Fw: Cryptic message... I do need glasses !!!

2002-09-20 Thread Peter Robb
I take that back! I am blind ! A packet is returning to your server as Andreas said... Oops Peter. - Original Message - From: "Peter Robb" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, September 20, 2002 2:22 PM Subject: Fw: Cryptic message... >

Fw: Cryptic message...

2002-09-20 Thread Peter Robb
CTED]> Sent: Friday, September 20, 2002 2:07 PM Subject: Re: Cryptic message... > > > > > > kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 > > > SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 > ID=14090 > > > PROTO=ICM

Re: Cryptic message...

2002-09-20 Thread Andreas Hansson
> > > > kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 > > SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 ID=14090 > > PROTO=ICMP TYPE=3 CODE=3 [SRC=204.144.132.162 DST=210.11.68.47 LEN=121 TOS=0x00 > > PREC=0x00 TTL=248 ID=37692 DF PROTO=UDP SPT=53 DPT=

Re: Cryptic message...

2002-09-19 Thread Mike Burger
Francisco Neira <[EMAIL PROTECTED]> said: > Ashley M. Kirchner wrote: > > Um, vat ist thees? > > > > kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 > > SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 ID=14090 > > PROTO=ICMP TYPE=3 CODE=3 [SRC=204.14

Re: Cryptic message...

2002-09-19 Thread Mike Burger
Your system made a connection to 210.11.68.47, and that system is attempting to verify your system via a name service lookup. "Ashley M. Kirchner" <[EMAIL PROTECTED]> said: > > Um, vat ist thees? > > kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 > SRC=210.11.68.47 DST=

Re: Cryptic message...

2002-09-19 Thread Thornton Prime
If I read this correctly, and making assumptions about your network topology and system configuration ... You are doing IPTables logging on your firewall and you are intercepting a port-unreachable replies from 210.11.68.47 for 204.144.132.162 which attempted to send a UDP packet to port 62408

Re: Cryptic message...

2002-09-19 Thread Francisco Neira
Ashley M. Kirchner wrote: > Um, vat ist thees? > > kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 > SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 ID=14090 > PROTO=ICMP TYPE=3 CODE=3 [SRC=204.144.132.162 DST=210.11.68.47 LEN=121 TOS=0x00 > PREC=0x00

Cryptic message...

2002-09-19 Thread Ashley M. Kirchner
Um, vat ist thees? kernel: IN=eth0 OUT= MAC=00:50:da:05:c5:f4:00:04:dd:0b:e0:92:08:00 SRC=210.11.68.47 DST=204.144.132.162 LEN=56 TOS=0x00 PREC=0x00 TTL=238 ID=14090 PROTO=ICMP TYPE=3 CODE=3 [SRC=204.144.132.162 DST=210.11.68.47 LEN=121 TOS=0x00 PREC=0x00 TTL=248 ID=37692 DF PROTO=UDP SPT=53