Curious about log entries.
Steven W. Orr
email hidden
Tue Oct 24 20:37:02 CEST 2006
Oct 24 14:28:24 saturn kernel: [FIAIF_INVALID]:IN=eth0 OUT= \
MAC=00:13:d4:d1:b7:7 \
c:00:12:44:91:f0:8c:08:00 SRC=70.88.208.113 DST=207.172.210.41 LEN=43 \
TOS=0x08 PREC=0x00 TTL=17 ID=0 PROTO=TCP SPT=25 DPT=56077 \
WINDOW=0 RES=0x00 ACK RST URGP=0
I see entries like the above on a regular basis and I just don't get it.
I'm the 210.41 (if that wasn't obvious) and the other guy is talking to me
from his port 25. So what about this syslog entry would make the packet
invalid? Am I right to assume that this has to represent an already
established conversation?
TIA
--
Time flies like the wind. Fruit flies like a banana. Stranger things have .0.
happened but none stranger than this. Does your driver's license say Organ ..0
Donor?Black holes are where God divided by zero. Listen to me! We are all- 000
individuals! What if this weren't a hypothetical question?
steveo at syslang.net
More information about the fiaif
mailing list