[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: DNS fedora box showing P2P activity port 45179 to port 6346



Am Mi, den 08.06.2005 schrieb Jim Christiansen um 16:55:

> Hello,  My ISP provider has reported back to me that they have logged 
> suspicious traffic on my DNS box.  Here is a clip that shows what they have 
> recorded...
> 
> If I lock down all but udp 53 with iptables will my DNS still work??
> 
> What the heck is this?? Thanks for any ideas.. Jim
> 
> 2005-04-26/09:57:14 2005-04-26/09:57:59     142.26.181.85     6-tcp   45179  
>             24.150.56.151    6346              5           300  CANADA

Not clear to me where your DNS host is located and what else it does.
Can it be that you are running P2P in your net which uses the DNS host?
If not intended, then find the bad install. Maybe you are trojaned.

DNS uses both UDP and TCP port 53.

Alexander


-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp 
Serendipity 17:13:30 up 15 days, 15:51, load average: 0.10, 0.10, 0.06 

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]