Freesco, NND, CDN, EOS http://forum.freesco.pl/ |
Fortune-telling from... logs http://forum.freesco.pl/viewtopic.php?f=22&t=5379 |
Page 1 of 1 |
Author: | Anonymous [ Sunday, 12 September 2004, 17:47 ] |
Title: | Fortune-telling from... logs |
Hello, can anyone tell me what the logs below mean, because I have a ton of them, practically the whole /var/log/syslog file. I would also like to ask whether the files syslog.1 and syslog.2 from the same directory (2.5 MB each and 99% made up of entries like these) can safely be deleted? I have NEO 128, a server on NND + Zciech's firewall and a network of 5 computers, and... I am only just learning this... Thanks.

>/var/log/syslog excerpt 1
Sep 12 16:52:00 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.246.84 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=44765 DF PROTO=TCP SPT=4643 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:17 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=69.193.192.65 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5456 DF PROTO=TCP SPT=3881 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 12 16:52:17 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.82.19 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=60052 DF PROTO=TCP SPT=3033 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:20 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=69.193.192.65 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5939 DF PROTO=TCP SPT=3881 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 12 16:52:20 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.6.114 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=26382 DF PROTO=TCP SPT=3689 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:23 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.6.114 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=26483 DF PROTO=TCP SPT=3689 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:26 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=69.193.192.65 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=7278 DF PROTO=TCP SPT=3881 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 12 16:52:26 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=217.95.127.128 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=7138 DF PROTO=TCP SPT=4478 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Sep 12 16:52:29 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=217.95.127.128 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=118 ID=7354 DF PROTO=TCP SPT=4478 DPT=445 WINDOW=64800 RES=0x00 SYN URGP=0
Sep 12 16:52:39 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.94.229 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=7751 DF PROTO=TCP SPT=4222 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:52:42 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.94.229 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=7851 DF PROTO=TCP SPT=4222 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:52:52 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=68.149.108.51 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=108 ID=9512 DF PROTO=TCP SPT=3049 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:52:54 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.220.14 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=19115 DF PROTO=TCP SPT=3291 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:54 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.252.204 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=30918 DF PROTO=TCP SPT=2360 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:57 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.220.14 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=19252 DF PROTO=TCP SPT=3291 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:57 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.252.204 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=31339 DF PROTO=TCP SPT=2360 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:53:11 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.12.90 DST=83.29.80.136 LEN=52 TOS=0x00 PREC=0x00 TTL=156 ID=32620 DF PROTO=TCP SPT=3876 DPT=135 WINDOW=17044 RES=0x00 SYN URGP=0
Sep 12 16:53:19 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.30.23 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=1366 DF PROTO=TCP SPT=3698 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:53:22 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.30.23 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=1519 DF PROTO=TCP SPT=3698 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:53:43 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=80.41.12.73 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=25222 DF PROTO=TCP SPT=4847 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:53:43 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.247.222 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=58438 DF PROTO=TCP SPT=3363 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:53:46 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=80.41.12.73 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=25549 DF PROTO=TCP SPT=4847 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:53:47 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.79.184 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52410 DF PROTO=TCP SPT=3481 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:53:50 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.79.184 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=52787 DF PROTO=TCP SPT=3481 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:53:52 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=80.41.12.73 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=26092 DF PROTO=TCP SPT=4847 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0

or something like this..

>/var/log/syslog excerpt 2
Sep 12 16:01:12 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=2922 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:13 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=2952 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:24 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.39.197 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=42090 DF PROTO=TCP SPT=1469 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:01:40 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=3706 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:41 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=3735 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:42 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=3764 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:43 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=3793 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:44 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=3822 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:45 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.234.24 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=53422 DF PROTO=TCP SPT=3088 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:01:48 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.234.24 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=53504 DF PROTO=TCP SPT=3088 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:01:48 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.253.247 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=15894 DF PROTO=TCP SPT=3197 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:01:50 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.28.230 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=29685 DF PROTO=TCP SPT=4785 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:01:53 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.28.230 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=29921 DF PROTO=TCP SPT=4785 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:02:10 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=4599 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:11 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=4628 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:11 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.219.225 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=53904 DF PROTO=TCP SPT=4498 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:02:12 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=4657 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:13 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=4686 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:14 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=4716 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:35 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.9.32 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=63752 DF PROTO=TCP SPT=4004 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:02:38 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.9.32 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=64085 DF PROTO=TCP SPT=4004 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 12 16:02:40 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=5470 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:41 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=5499 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:41 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.224.33 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=48283 DF PROTO=TCP SPT=1482 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:02:42 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=5528 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:43 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=5557 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:44 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=5586 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:02:44 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.224.33 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=48505 DF PROTO=TCP SPT=1482 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0 |
Author: | prg080 [ Sunday, 12 September 2004, 18:14 ] |
Title: | |
It is written clearly: BLASTER |
Author: | Albercik [ Saturday, 18 September 2004, 13:31 ] |
Title: | |
Another log for analysis

Sep 12 08:17:59 compus-net kernel: INPUT DENY: IN=eth0 OUT= MAC=00:e0:4c:ff:b3:4a:00:0b:23:2f:b5:ca:08:00 SRC=61.73.22.52 192.168.10.5 LEN=48 TOS=0x00 PREC=0x00 TTL=105 ID=58369 DF PROTO=TCP SPT=4908 DPT=4667 WINDOW=16384 RES=0x00 SYN URGP=0

but my network has the address 192.168.1.0 |
Author: | zciech [ Saturday, 18 September 2004, 16:54 ] |
Title: | |
Kazaa or some other P2P; it is eth0, and it is coming from the Internet |
Author: | jarekjarek [ Sunday, 19 September 2004, 11:32 ] |
Title: | |
As for gege's post, I also had logs like that, in which something like MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 appeared, and the cause was a bad entry in dhcpd. I don't remember exactly what was wrong, but something with an IP number appeared twice. And so it did not assign IP addresses to the users, which means they had no Internet access; if someone had an IP entered on their own computer, they did have access. I don't know whether this is it, but that is how it was for me. |
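One way to get an overview of a syslog full of such entries, as an added example that is not part of the original thread: the Python below parses netfilter LOG lines, groups them by rule prefix, interface, protocol and destination port, and splits the Ethernet MAC= field into destination, source and EtherType. The sample lines are copied from the excerpts posted above; the function names are this example's own.

```python
import re
from collections import defaultdict

# Sample lines copied from the syslog excerpts posted in this thread.
SAMPLE = """\
Sep 12 16:52:00 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.246.84 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=44765 DF PROTO=TCP SPT=4643 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:17 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=69.193.192.65 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5456 DF PROTO=TCP SPT=3881 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 12 16:52:17 nnd kernel: INPUT Blaster: IN=ppp0 OUT= MAC= SRC=83.29.82.19 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=60052 DF PROTO=TCP SPT=3033 DPT=135 WINDOW=65535 RES=0x00 SYN URGP=0
Sep 12 16:52:20 nnd kernel: INPUT DENY: IN=ppp0 OUT= MAC= SRC=69.193.192.65 DST=83.29.80.136 LEN=48 TOS=0x00 PREC=0x00 TTL=114 ID=5939 DF PROTO=TCP SPT=3881 DPT=445 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 12 16:01:12 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=2922 PROTO=UDP SPT=1039 DPT=55632 LEN=198
Sep 12 16:01:13 nnd kernel: INPUT DENY: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:ee:b1:02:b6:bf:08:00 SRC=192.168.46.21 DST=255.255.255.255 LEN=218 TOS=0x00 PREC=0x00 TTL=128 ID=2952 PROTO=UDP SPT=1039 DPT=55632 LEN=198
"""

# "<prefix>: IN=..." where <prefix> is the text configured on the logging rule.
LINE_RE = re.compile(r"kernel: (?P<prefix>.*?): (?P<rest>IN=.*)$")

def parse_line(line):
    """Split one netfilter LOG line into its rule prefix and KEY=value fields."""
    m = LINE_RE.search(line)
    if not m:
        return None
    fields = {"prefix": m.group("prefix")}
    for token in m.group("rest").split():
        key, sep, value = token.partition("=")
        if not sep:
            fields[key] = True          # bare flags such as DF or SYN
        elif key not in fields:
            fields[key] = value         # UDP lines repeat LEN=; keep the IP-level one
    return fields

def split_mac(mac):
    """On Ethernet, MAC= is destination (6 bytes) + source (6) + EtherType (2)."""
    parts = mac.split(":")
    if len(parts) != 14:
        return None                     # empty on ppp0, which has no Ethernet header
    return ":".join(parts[:6]), ":".join(parts[6:12]), ":".join(parts[12:])

def summarize(text):
    """Return {(prefix, in_iface, proto, dport): (hits, distinct_sources)}."""
    groups = defaultdict(lambda: [0, set()])
    for line in text.splitlines():
        f = parse_line(line)
        if f is None:
            continue
        key = (f["prefix"], f["IN"], f.get("PROTO"), f.get("DPT"))
        groups[key][0] += 1
        groups[key][1].add(f.get("SRC"))
    return {k: (hits, len(srcs)) for k, (hits, srcs) in groups.items()}
```

On the sample, the eth0 entries resolve to a broadcast destination (ff:ff:ff:ff:ff:ff) sent by 00:ee:b1:02:b6:bf on the LAN side, while the ppp0 groups are inbound SYNs to TCP ports 135 and 445.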
Page 1 of 1 | Time zone UTC+2 hours |