[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[François TOURDE] Re: newbie iptables question

Sorry for personnal posting. I've changed my keys recently under Gnus,
and it's hard to change old usage ;)
--- Begin Message --- 
Le 12643ième jour après Epoch,
Wanda Round écrivait:

> After reading that I should look through /var/log/messages, I did
> and found many lines like these:
>
> Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC= 
> SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115 
> ID=40023 DF PROTO=TCP SPT=4346 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 
>
> Aug 12 04:40:59 towern kernel: |iptables -- IN=ppp0 OUT= MAC= 
> SRC=83.36.139.197 DST=12.65.24.43 LEN=52 TOS=0x00 PREC=0x00 TTL=46 
> ID=19155 DF PROTO=TCP SPT=4845 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0 
>
> The 12.65.24.43 was my dialup connection. The 201.129.etc and 83.36.etc
> were from Mexico and Spain.
>
> MAN iptables didn't help me at all! 
>
> What are these lines telling me? Where can I find a simpler explanation
> of iptables logs?

They're telling you that somebody in Spain and Mexico is trying to
contact your computer using 445 port (DST=445). And This port is:

francois@fermat:~$ grep 445 /etc/services 
microsoft-ds    445/tcp                         # Microsoft Naked CIFS
microsoft-ds    445/udp

HTH

-- 
Ego sum ens omnipotens.

--- End Message ---

-- 
Before marriage the three little words are "I love you," after marriage
they are "Let's eat out."
-- 
François TOURDE - tourde.org - 23 rue Bernard GANTE - 93250 VILLEMOMBLE
Tél: 01 49 35 96 69 - Mob: 06 81 01 81 80
URL: http://francois.tourde.org/
Reply to: