Hi,
Looking through my logs, I found the following (see below) which I don't understand. Can someone explain what those denylog: things are and who are they from?? (all those IP addresses ???... it happens every 2 minutes or so)
Thanks
Mizou
ct 18 09:22:16 chemtools ntpd[5682]: signal_no_reset: signal 17 had flags 4000000
Oct 18 09:22:16 chemtools e-smith[5683]: Processing event: ip-up ppp0 38400 144.137.138.59 172.31.21.152 pppoe
Oct 18 09:22:16 chemtools e-smith[5683]: Running event handler: /etc/e-smith/events/ip-up/S20email-ipup
Oct 18 09:22:16 chemtools e-smith[5683]: S20email-ipup=action|Event|ip-up|Action|S20email-ipup|Start|1066432936 166905|End|1066432936 385403|Elapsed|0.218498
Oct 18 09:22:16 chemtools e-smith[5683]: Running event handler: /etc/e-smith/events/ip-up/S55set-gateway-ip
Oct 18 09:22:16 chemtools e-smith[5683]: S55set-gateway-ip=action|Event|ip-up|Action|S55set-gateway-ip|Start|1066432936 385777|End|1066432936 802605|Elapsed|0.416828
Oct 18 09:22:16 chemtools pppd[5408]: Script /etc/ppp/ip-up finished (pid 5454), status = 0x0
Oct 18 09:22:48 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.139.13.91 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=47519 DF PROTO=TCP SPT=1083 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:22:51 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.139.13.91 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=47785 DF PROTO=TCP SPT=1083 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:22:57 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.139.13.91 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=48340 DF PROTO=TCP SPT=1083 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:23:49 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.136.0.254 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=11648 DF PROTO=TCP SPT=4348 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 18 09:26:21 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.227.235 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=35438 DF PROTO=TCP SPT=4184 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:26:24 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.227.235 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=35801 DF PROTO=TCP SPT=4184 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:26:30 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.227.235 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=36471 DF PROTO=TCP SPT=4184 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:26:40 chemtools ntpd[5678]: kernel time discipline status change 41
Oct 18 09:26:51 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.113.98 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=21199 DF PROTO=TCP SPT=1671 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:26:55 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.113.98 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=21565 DF PROTO=TCP SPT=1671 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:27:02 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.138.113.98 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=22222 DF PROTO=TCP SPT=1671 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Oct 18 09:27:26 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.136.20.146 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=33887 DF PROTO=TCP SPT=1749 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 18 09:27:29 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.136.20.146 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=34099 DF PROTO=TCP SPT=1749 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 18 09:27:35 chemtools kernel: denylog:IN=ppp0 OUT= MAC= SRC=144.136.20.146 DST=144.137.138.59 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=34808 DF PROTO=TCP SPT=1749 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
3 Replies
413 Views