Date: Mon, 9 Jul 2001 22:27:26 -0700 From: "Nevin Kapoor" <nevin@jarna.com> To: <freebsd-security@freebsd.org> Subject: RE: What is ipfw telling me ? Message-ID: <GPEBLLONAFPGABAPGDNKMEKDCAAA.nevin@jarna.com> In-Reply-To: <20010629195831.45162.qmail@d170h113.resnet.uconn.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Folks, Non-authoritative answer: 20.46.239.216.in-addr.arpa name = crawl1.googlebot.com. This is simply a spider and not someone trying to "attack" you. I cannot imagine why nslookup wasn't the first thing you did after seeing this in your firewall log. /nk -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Peter C. Lai Sent: Friday, June 29, 2001 12:59 PM To: George.Giles@mcmail.vanderbilt.edu Cc: freebsd-security@freebsd.org Subject: Re: What is ipfw telling me ? Machines from the 216.239.46. subnet has been trying to attack my machine as well, and this is not an isolated incident. Furthermore, i also know that i am not on the vanderbilt.edu network. Would looking at mynetwatchman's database help me figure out any other trends in attacks coming from 216.239.46? Currently i'm not running any firewall (since i am not running any unsafe ports); only log_in_vain is enabled, but I almost want to configure ipf/w just so i can block this whole subnet. George.Giles@mcmail.vanderbilt.edu writes: > What is ipfw telling me ? > > The 216 host is attempting to break in, but how is it using port 80 on the > other machine ? > > ipfw: 2400 Deny TCP 216.239.46.20:21602 10.0.0.1:80 in via xl0 > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message ----------- Peter C. Lai University of Connecticut Dept. of Residential Life | Programmer Dept. of Molecular and Cell Biology | Undergraduate Research Assistant/Honors Program http://cowbert.2y.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?GPEBLLONAFPGABAPGDNKMEKDCAAA.nevin>