DNS fedora box showing P2P activity port 45179 to port 6346

Jim Christiansen christiansen_j at hotmail.com
Wed Jun 8 14:55:18 UTC 2005


Hello,  My ISP provider has reported back to me that they have logged 
suspicious traffic on my DNS box.  Here is a clip that shows what they have 
recorded...

If I lock down all but udp 53 with iptables will my DNS still work??

What the heck is this?? Thanks for any ideas.. Jim

2005-04-26/09:57:14 2005-04-26/09:57:59     142.26.181.85     6-tcp   45179  
            24.150.56.151    6346              5           300  CANADA
2005-04-26/09:58:52 2005-04-26/09:58:52     142.26.181.85     6-tcp   45233  
              82.20.20.90    6346              1            52  UNITED 
KINGDOM
2005-04-26/09:57:17 2005-04-26/09:58:02     142.26.181.85     6-tcp   45181  
           70.240.239.154    6346              5           300  UNITED 
STATES
2005-04-26/09:57:17 2005-04-26/09:58:02     142.26.181.85     6-tcp   45182  
            66.57.201.177    6346              5           300  UNITED 
STATES
2005-04-26/09:57:22 2005-04-26/09:58:07     142.26.181.85     6-tcp   45183  
           217.209.82.100    6346              5           300  SWEDEN
2005-04-26/09:57:28 2005-04-26/09:58:13     142.26.181.85     6-tcp   45186  
           172.203.19.254    6346              5           300  UNITED 
STATES
2005-04-26/09:57:27 2005-04-26/09:58:12     142.26.181.85     6-tcp   45185  
           81.136.167.220    6346              5           300  UNITED 
KINGDOM
2005-04-26/09:58:18 2005-04-26/09:58:19     142.26.181.85     6-tcp   45213  
           157.252.169.62    6346              3           439  UNITED 
STATES
2005-04-26/09:57:31 2005-04-26/09:58:16     142.26.181.85     6-tcp   45188  
             24.221.111.9    6346              5           300  UNITED 
STATES
2005-04-26/09:52:03 2005-04-26/10:00:19     80.161.121.28     6-tcp    6346  
            142.26.181.85   42068            444        519075  DENMARK
2005-04-26/09:28:21 2005-04-26/10:00:22     24.13.199.177     6-tcp    6346  
            142.26.181.85   42724           4885       6033197  UNITED 
STATES
2005-04-26/09:57:35 2005-04-26/09:58:20     142.26.181.85     6-tcp   45190  
            193.77.19.155    6346              5           300  SLOVENIA
2005-04-26/09:57:36 2005-04-26/09:58:21     142.26.181.85     6-tcp   45192  
             193.77.15.34    6346              5           300  SLOVENIA
2005-04-26/09:31:09 2005-04-26/09:58:21    130.15.224.193     6-tcp    6346  
            142.26.181.85   40169            378        445115  CANADA
2005-04-26/09:28:21 2005-04-26/10:00:23     142.26.181.85     6-tcp   42724  
            24.13.199.177    6346           4293        267495  UNITED 
STATES
2005-04-26/09:57:39 2005-04-26/09:58:24     142.26.181.85     6-tcp   45193  
             69.45.217.28    6346              5           300  UNITED 
STATES
2005-04-26/09:58:25 2005-04-26/09:58:25     142.26.181.85     6-tcp   45219  
             24.45.217.12    6346              3           435  UNITED 
STATES
2005-04-26/09:49:30 2005-04-26/09:58:26     142.26.181.85     6-tcp   44289  
          213.238.103.229    6346            804         51790  POLAND
2005-04-26/09:57:40 2005-04-26/09:58:25     142.26.181.85     6-tcp   45194  
            83.93.201.118    6346              5           300  DENMARK





More information about the fedora-list mailing list