Hello,
Recently, I have upgraded my SuSE firewall and have been noticing these messages (below) in my xconsole. I am on a 56k dial-up offering no services and all ports are closed (except for one which is open to localhost), so I feel pretty secure and all 'on-line applications' I use seem to be working fine, so I am curious as to what this means.
I use a 2.4.2 kernel and iptables firewall.
Any ideas? The src IP changes sometimes, but often is the same or similar.
Jul 3 00:27:04 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=66.9.192.39 DST=211.2.96.188 LEN=60 TO Jul 3 00:27:07 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=66.9.192.39 DST=211.2.96.188 LEN=60 TO Jul 3 00:30:41 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=203.239.87.52 DST=211.2.96.188 LEN=60 Jul 3 00:38:07 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=211.104.247.142 DST=211.2.96.188 LEN=6 Jul 3 00:38:11 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=211.104.247.142 DST=211.2.96.188 LEN=6 Jul 3 00:38:17 linux kernel: SuSE-FW-DROP-DEFAULTIN=ppp0 OUT= MAC= SRC=211.104.247.142 DST=211.2.96.188 LEN=6
(the messages extended wider than this but my screen space limited the amount I could copy and paste)
thanks for any advice, Joss
p.s. anyone need a tenant in Norwich starting sometime in September? :-)