Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 3 Oct 1999 12:18:27 +0930
From:      Greg Lehey <grog@lemis.com>
To:        Stephen Derdau <sderdau@ne.mediaone.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: Is someone trying to hack my system ?
Message-ID:  <19991003121827.M40186@freebie.lemis.com>
In-Reply-To: <37F674E0.619A860F@ne.mediaone.net>; from Stephen Derdau on Sat, Oct 02, 1999 at 05:10:56PM -0400
References:  <37F674E0.619A860F@ne.mediaone.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
[Format recovered--see http://www.lemis.com/email/email-format.html]

On Saturday,  2 October 1999 at 17:10:56 -0400, Stephen Derdau wrote:
> Subject: Is someone trying break in ?
>
>> Date: Sat, 02 Oct 1999 17:08:57 -0400
>> From: Stephen Derdau <sderdau@ne.mediaone.net>
>> To: freebsd-questions@ne.mediaone.net
>>
>> I've kinda been working on my security on my systems. IPFW !
>> Now I'm seeing  stuff like this:
>>
>>  ipfw 65534 Deny UDP 167.216.187.155:1089 24.218.2.59:1025 in via ed0
>>  ipfw 65534 Deny UDP 24.218.3.41:520 24.218.3.255:520 in via ed0
>> ipfw: 65534 Deny UDP 167.216.187.155:1089 24.218.2.59:1025 in via ed0
>> ipfw: 65534 Deny UDP 24.218.2.178:1455 255.255.255.255:8780 in via ed0
>>  ipfw: 65534 Deny UDP 24.218.2.178:1460 255.255.255.255:28001 in via ed0
>> ipfw: 65534 Deny UDP 24.218.2.49:27901 255.255.255.255:27910 in via ed0
>> 65534 Deny UDP 24.218.2.127:8093 255.255.255.255:8349 in via ed0
>>
>> I'm seeing alot of this every few seconds and I'm wondering if this
>> means someone is hacking my system or has or is trying.

Since your own machine is 24.218.2.59, it would be reasonable to
assume that most of these addresses are on your local net.
167.216.187.155 is web-associates-187-155.digisle.net.  Do you
recognize them?  How far away are they?  These things could be as
simple as some kind of broadcast packet.

The rest of your message appears to be a repetition.

Greg
--
When replying to this message, please copy the original recipients.
For more information, see http://www.lemis.com/questions.html
See complete headers for address, home page and phone numbers
finger grog@lemis.com for PGP public key


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991003121827.M40186>