DNS fedora box showing P2P activity port 45179 to port 6346
David Cary Hart
Fedora at TQMcube.com
Wed Jun 8 15:12:40 UTC 2005
On Wed, 2005-06-08 at 08:55 -0600, Jim Christiansen wrote:
> Hello, My ISP provider has reported back to me that they have logged
> suspicious traffic on my DNS box. Here is a clip that shows what they have
> recorded...
>
> If I lock down all but udp 53 with iptables will my DNS still work??
>
Apparently this is a dedicated dns server??? Caching or authenticating?
Isn't the traffic NAT'd?
> What the heck is this?? Thanks for any ideas.. Jim
> 2005-04-26/09:57:14 2005-04-26/09:57:59 142.26.181.85 6-tcp 45179
> 24.150.56.151 6346 5 300 CANADA
> 2005-04-26/09:58:52 2005-04-26/09:58:52 142.26.181.85 6-tcp 45233
> 82.20.20.90 6346 1 52 UNITED
> KINGDOM
What format is this log? What do your logs show?
--
Multi-RBL Check: http://www.TQMcube.com/rblcheck.htm
Kill Spam at the Source: http://www.TQMcube.com/spam_trap.htm
Today's Spam Trap Adds: http://www.TQMcube.com/BlockedToday
RBLDNSD HowTo: http://www.TQMcube.com/rbldnsd.htm
More information about the fedora-list
mailing list