[oclug] traffic on @home

Greg Sarsons gsarsons at home.com
Sun Feb 11 10:20:42 EST 2001 

Do any of you @home users see similar traffic:

Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62318
255.255.255.255:8777 L=39 S=0x00 I=30748 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62319
255.255.255.255:8778 L=39 S=0x00 I=30749 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62320
255.255.255.255:8779 L=39 S=0x00 I=30750 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62321
255.255.255.255:8780 L=39 S=0x00 I=30751 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62322
255.255.255.255:8781 L=39 S=0x00 I=30752 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62323
255.255.255.255:8782 L=39 S=0x00 I=30753 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62324
255.255.255.255:8783 L=39 S=0x00 I=30754 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62325
255.255.255.255:8784 L=39 S=0x00 I=30755 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62326
255.255.255.255:8785 L=39 S=0x00 I=30756 F=0x0000 T=128 (#144)
Feb 11 10:01:05 cr787535-a kernel: Packet log: eth0i DENY eth0 PROTO=17
24.112.235.56:62327
255.255.255.255:8786 L=39 S=0x00 I=30757 F=0x0000 T=128 (#144)

I've noted this a couple of times in the past from certain internal ip
addresses.  The outgoing source port is incrementing by one at a very
fast rate.  Hmmm but I think the last time the destination port remained
the same.  This time It is incrementing as well.

Just kinda curious as everytime something like this happens my logs jump
to 10-15megs for the day.

Greg
-- 
It said use Windows 98 or better so I installed Linux.

More information about the OCLUG mailing list