Date: Mon, 19 Feb 2001 05:23:19 -0500 From: "Todd Karasick" <tkchess@yahoo.com> To: <freebsd-questions@FreeBSD.ORG> Subject: Packet concern Message-ID: <000f01c09a5e$0ed223f0$654a1718@cc804556a>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_0007_01C09A34.11BFE720 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi I have not used your site for quite some time, if at all. Whether the = admin of a linux system i run has...i dont know. But right now im = running zonealarm firewall for windows, and i get 1000's upon 1000's of = packets from the IP 206.136.204.125. I do a DNS lookup (or nslookup in = win2k) and it resolves to mx1.freebsd.org. Believe me, i have new and = old log files of thousands of packets from the IP / domain. I would = appreciate it if the packets would stop coming my way. I had a trojan = once that sent out packets from my system to other users on the @home = network, which im on, and i got into some problems with @home because of = complains with those users. Now i dont want any trouble so i just want = to email you to inform you about this. If you would like to see some of the packets sent, this is a copy of a = few lines in the logs i have: FWIN,2001/02/19,03:40:13 -5:00 = GMT,216.136.204.125:25352,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,03:40:15 -5:00 = GMT,216.136.204.125:25379,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,03:40:16 -5:00 = GMT,216.136.204.125:25400,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,03:40:18 -5:00 = GMT,216.136.204.125:25432,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,03:40:22 -5:00 = GMT,216.136.204.125:25499,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,04:13:36 -5:00 = GMT,216.136.204.125:22159,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,04:13:38 -5:00 = GMT,216.136.204.125:22181,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,04:13:40 -5:00 = GMT,216.136.204.125:22210,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,04:13:43 -5:00 = GMT,216.136.204.125:22239,24.23.74.101:25,TCP (flags:S) FWIN,2001/02/19,04:13:47 -5:00 = GMT,216.136.204.125:22298,24.23.74.101:25,TCP (flags:S) i would like it if the packets would stop coming my way. Thank you in advance Todd Karasick ------=_NextPart_000_0007_01C09A34.11BFE720 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 5.50.4522.1800" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff> <DIV><FONT face=3DArial size=3D2>Hi</FONT></DIV> <DIV><FONT face=3DArial size=3D2>I have not used your site for quite = some time, if=20 at all. Whether the admin of a linux system i run has...i dont = know. =20 But right now im running zonealarm firewall for windows, and i get = 1000's upon=20 1000's of packets from the IP 206.136.204.125. I do a DNS lookup = (or=20 nslookup in win2k) and it resolves to mx1.freebsd.org. Believe me, = i have=20 new and old log files of thousands of packets from the IP / = domain. I=20 would appreciate it if the packets would stop coming my way. I had = a=20 trojan once that sent out packets from my system to other users on the = @home=20 network, which im on, and i got into some problems with @home because of = complains with those users. Now i dont want any trouble so i just = want to=20 email you to inform you about this.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>If you would like to see some of the = packets sent,=20 this is a copy of a few lines in the logs i have:</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>FWIN,2001/02/19,03:40:13 -5:00=20 GMT,216.136.204.125:25352,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,03:40:15 -5:00=20 GMT,216.136.204.125:25379,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,03:40:16 -5:00=20 GMT,216.136.204.125:25400,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,03:40:18 -5:00=20 GMT,216.136.204.125:25432,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,03:40:22 -5:00=20 GMT,216.136.204.125:25499,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,04:13:36 -5:00=20 GMT,216.136.204.125:22159,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,04:13:38 -5:00=20 GMT,216.136.204.125:22181,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,04:13:40 -5:00=20 GMT,216.136.204.125:22210,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,04:13:43 -5:00=20 GMT,216.136.204.125:22239,24.23.74.101:25,TCP=20 (flags:S)<BR>FWIN,2001/02/19,04:13:47 -5:00=20 GMT,216.136.204.125:22298,24.23.74.101:25,TCP (flags:S)</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>i would like it if the packets would = stop coming my=20 way.</FONT></DIV> <DIV><FONT face=3DArial size=3D2>Thank you in advance</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Todd = Karasick</FONT></DIV></BODY></HTML> ------=_NextPart_000_0007_01C09A34.11BFE720-- _________________________________________________________ Do You Yahoo!? Get your free @yahoo.com address at http://mail.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000f01c09a5e$0ed223f0$654a1718>