-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It should only be watching inbound traffic. I.e., running nmap or
something on your 550 won't trigger the port scan report.
> Source Address: 65.169.119.101
> Source port: 27374
> Direction: outbound
> Destination Address: 211.38.179.115
> Destination Port: 4101
Which is your RaQ IP - 65.169.119.101 or 211.38.179.115? Don't worry
about the word 'outbound'...
> From the GUI I look at the Scan Detection Log and it shows:
>
> 12/12/02-03:22:49 eth0:portscan: tcp 65.169.119.102/27374 ->
> 211.215.42.85/2024 40 rst (16)
> 12/12/02-03:22:49 eth0:portscan: tcp 65.169.119.103/12345 ->
> 211.215.42.85/2026 40 rst (16)
<snip>
Which is your IP - the 65. net or the 211. net? That will tell you
what's going on. You're probably not being 'actively' scanned, just
a 'bot running through all IP addresses looking for a particular
vulnerability or something...
- --
Bruce Timberlake
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE9+1plvLA2hUZ9kgwRAlWYAJ9NpH6DRPCJDO0kLZFw2GFAzuwQxQCfXa3M
arHd4KJa/UIKSuF5tN83Id8=
=slDR
-----END PGP SIGNATURE-----
_____________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To subscribe/unsubscribe, or to SEARCH THE ARCHIVES, go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users