niXforums Forum Index
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   PreferencesPreferences   Log in to check your private messagesLog in to check your private messages   Log inLog in 
·  nixdoc.net ·  man pages ·  Linux HOWTOs ·  FreeBSD Tips ·  Forums
navigation Forum index » *nix » Linux » Distributions » Suse
what do these firewall warnings mean?
Post new topic   Reply to topic Page 1 of 1 [1 Post] View previous topic :: View next topic
Author Message
Sven Burmeister
*nix forums addict


Joined: 22 Feb 2005
Posts: 67

PostPosted: Wed Feb 09, 2005 12:09 am    Post subject: what do these firewall warnings mean? Reply with quote
Hi!

I got the following entries in my log and I do not know what they mean. As
far as I can see, my machine (190) was trying to contact two different IP
addresses. These have very strange "websites" when contacting them.
I noticed that I had nspluginviewer running, although there was no brwoser
left, could these be attempting to contact those two IPs?

I do not see any suspicious processes in top.

I would really appreciate some information, as I am a bit worried.

Sven

Feb 8 23:52:29 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=143.252.156.11 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=30012 DF PROTO=TCP
SPT=4575 DPT=80 WINDOW=1728 RES=0x00 ACK RST URGP=0 OPT
(0101080A01CD3256638CE0CA)
Feb 8 23:52:29 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=143.252.156.11 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=61627 DF PROTO=TCP
SPT=4577 DPT=80 WINDOW=1728 RES=0x00 ACK RST URGP=0 OPT
(0101080A01CD3256638D31CD)
Feb 9 00:18:06 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10099 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK FIN URGP=0 OPT
(0101080A01E4A68563C6387C)
Feb 9 00:18:06 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10100 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E4A74E63C6387C)
Feb 9 00:18:06 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10101 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E4A8E063C6387C)
Feb 9 00:18:07 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10102 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E4AC0463C6387C)
Feb 9 00:18:09 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10103 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E4B24C63C6387C)
Feb 9 00:18:31 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10106 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E50A3C63C6387C)
Feb 9 00:18:57 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10107 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E56EBC63C6387C)
Feb 9 00:19:48 pc190 kernel: SFW2-OUT-ERROR IN= OUT=eth0 SRC=192.168.16.190
DST=193.28.196.104 LEN=52 TOS=0x08 PREC=0x00 TTL=64 ID=10108 DF PROTO=TCP
SPT=5120 DPT=80 WINDOW=1808 RES=0x00 ACK PSH FIN URGP=0 OPT
(0101080A01E637BC63C6387C)


USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.0 0.0 596 80 ? S Feb08 0:01 init [5]
root 2 0.0 0.0 0 0 ? SN Feb08 0:00 [ksoftirqd/0]
root 3 0.0 0.0 0 0 ? S< Feb08 0:00 [events/0]
root 4 0.0 0.0 0 0 ? S< Feb08 0:00 [khelper]
root 5 0.0 0.0 0 0 ? S< Feb08 0:00 [netlink/0]
root 6 0.0 0.0 0 0 ? S< Feb08 0:00 [kacpid]
root 19 0.0 0.0 0 0 ? S< Feb08 0:00 [kblockd/0]
root 29 0.0 0.0 0 0 ? S Feb08 0:05 [pdflush]
root 32 0.0 0.0 0 0 ? S< Feb08 0:00 [aio/0]
root 31 0.0 0.0 0 0 ? S Feb08 0:07 [kswapd0]
root 615 0.0 0.0 0 0 ? S Feb08 0:00 [kseriod]
root 1708 0.0 0.0 0 0 ? S< Feb08 0:00 [reiserfs/0]
root 2133 0.0 0.0 1360 256 ? S<s Feb08 0:00 udevd
root 2157 0.0 0.0 0 0 ? S Feb08 0:00 [khubd]
root 2435 0.0 0.0 1432 312 ? S Feb08 0:00 [hwscand]
root 4233 0.0 0.1 1444 592 ? Ss Feb08 0:00 /sbin/syslogd
-a /var/lib/ntp/dev/log
root 4236 0.0 0.1 1516 532 ? Ss Feb08 0:00 /sbin/klogd
-c 1 -2 -x
root 4655 0.0 0.0 2032 476 ? Ss Feb08 0:00 /sbin/resmgrd
nobody 4665 0.0 0.0 1428 424 ? Ss Feb08 0:00 /sbin/portmap
root 4753 0.0 0.0 1388 412 ? Ss Feb08
0:00 /usr/sbin/acpid -c /etc/acpi/events.ignore
root 4777 0.0 0.1 2500 612 ? S Feb08
0:00 /usr/sbin/powersaved -d -x /usr/lib/powersave/scripts -a resmgr -v 3
lp 4851 0.0 0.1 6512 1004 ? Ss Feb08
0:00 /usr/sbin/cupsd
root 4853 0.0 0.0 2628 472 ? S Feb08
0:00 /opt/kde3/bin/kdm
root 4872 10.4 11.1 220276 57452 ? SL Feb08
67:07 /usr/X11R6/bin/X -nolisten tcp -br vt7
-auth /var/lib/xdm/authdir/authfiles/A:0-CQvUat
root 4873 0.0 0.1 3504 672 ? S Feb08 0:00 -:0
root 5024 0.0 0.1 4216 740 ? Ss Feb08
0:00 /usr/lib/postfix/master
postfix 5047 0.0 0.1 4716 732 ? S Feb08 0:00 qmgr -l -t
fifo -u
root 5059 0.0 0.1 43088 676 ? Ssl Feb08
0:00 /usr/sbin/nscd
rabauke 5207 0.0 0.1 3788 604 ? S Feb08
0:00 /bin/sh /opt/kde3/bin/startkde
rabauke 5242 0.0 0.1 3320 564 ? S Feb08 0:00 gpg-agent
--daemon --no-detach --keep-display ssh-agent /etc/X11/xinit/xinitrc
rabauke 5243 0.0 0.1 4728 656 ? Ss Feb08 0:00
ssh-agent /etc/X11/xinit/xinitrc
rabauke 5285 0.0 0.7 23184 4104 ? S Feb08 0:11 dcopserver
[kdeinit] dcopserver --nosid
rabauke 5305 1.4 1.8 38464 9624 ? S Feb08 9:00 kded
[kdeinit] kded
rabauke 5346 0.0 0.9 25296 5092 ? S Feb08 0:00 kaccess
[kdeinit] kaccess
rabauke 5369 1.1 0.9 19500 4996 ? S Feb08
7:38 /opt/kde3/bin/artsd -F 4 -S 4096 -a alsa -d -r 48000 -b 16 -s 5 -m
artsmessage -c drkonqi -l 3 -f
rabauke 5370 0.0 0.0 1376 276 ? S Feb08 0:00 kwrapper
ksmserver
rabauke 5372 0.0 1.0 25620 5292 ? S Feb08 0:00 ksmserver
[kdeinit] ksmserver
rabauke 5377 0.0 1.4 29804 7700 ? S Feb08 0:34 kwin
[kdeinit] kwin -session
10a0633139000109994116500000137360000_1107862646_738930
rabauke 5432 0.9 2.1 37028 11048 ? S Feb08 6:15 kdesktop
[kdeinit] kdesktop
rabauke 5442 1.4 2.0 35172 10608 ? S Feb08 9:34 kicker
[kdeinit] kicker
rabauke 5452 0.0 1.1 26724 6112 ? S Feb08 0:15 klipper
[kdeinit] klipper
rabauke 5457 0.0 1.2 27368 6428 ? S Feb08 0:00 susewatcher
[kdeinit] susewatcher -caption SuSE Watcher -icon kinternet.png -miniicon
kinternet.png --quiet
rabauke 5467 0.0 1.3 29236 6764 ? S Feb08 0:01 kgpg
rabauke 5472 0.0 1.2 34160 6444 ? Sl Feb08 0:02 suseplugger
[kdeinit] suseplugger -caption SUSE Plugger -icon hi22-action-hardware.png
-miniicon hi22-action-hardware.png --quiet
rabauke 5488 0.0 1.3 28860 6876 ? S Feb08 0:08 kmix
[kdeinit] kmix -session
10a0633139000110703172900000198380031_1107862635_950920
rabauke 5514 0.0 1.2 25700 6284 ? S Feb08 0:01
kwalletmanager -session
10a0633139000110572600800000308400011_1107862635_834298
rabauke 5517 0.0 1.0 26820 5204 ? S Feb08 0:00 konqueror
[kdeinit] konqueror -session
10a0633139000110771586900000053800019_1107862635_594002
root 5553 0.0 0.0 1660 496 ? Ss Feb08
0:00 /usr/sbin/cron
rabauke 5919 0.0 1.3 26836 7156 ? S Feb08 0:01 kwatchgnupg
-session 10a0633139000110225248500000057430021_1107862635_798889
root 5986 0.0 0.0 1824 500 tty1 Ss+ Feb08
0:00 /sbin/mingetty --noclear tty1
root 5987 0.0 0.0 1824 500 tty2 Ss+ Feb08
0:00 /sbin/mingetty tty2
root 5988 0.0 0.0 1824 500 tty3 Ss+ Feb08
0:00 /sbin/mingetty tty3
root 5989 0.0 0.0 1824 500 tty4 Ss+ Feb08
0:00 /sbin/mingetty tty4
root 5990 0.0 0.0 1824 500 tty5 Ss+ Feb08
0:00 /sbin/mingetty tty5
root 5991 0.0 0.0 1824 500 tty6 Ss+ Feb08
0:00 /sbin/mingetty tty6
rabauke 6017 0.1 4.6 58820 23904 ? Sl Feb08 1:10 knode
-session 10a0633139000110777400400000053970010_1107847778_131630
rabauke 6018 0.2 5.3 62640 27708 ? S Feb08 1:42 kontact
-session 10a0633139000110751956800000053630010_1107862635_535373
rabauke 6028 0.0 0.0 1436 412 ? S Feb08 0:00 watchgnupg
--force /home/rabauke/.gnupg/log-socket
rabauke 6042 0.2 2.7 53352 14160 ? S Feb08 1:45 juk -session
10a0633139000110716399300000058280025_1107862635_533754
rabauke 6163 0.0 1.3 33980 6872 ? S Feb08 0:22 kio_pop3
[kdeinit] kio_pop3
pop3s /tmp/ksocket-rabauke/klauncherbcDKxb.slave-socket /tmp/ksocket-rabauke/kontactq2PZIa.slave-socket
rabauke 17312 0.0 1.3 29868 6976 ? S Feb08 0:08 kio_uiserver
[kdeinit] kio_uiserver
rabauke 12958 0.0 0.8 24576 4164 ? Ss Feb08 0:00 kdeinit
Running...
rabauke 12964 0.0 1.0 25404 5300 ? S Feb08 0:00 klauncher
[kdeinit] klauncher
rabauke 12977 0.0 1.5 34208 7844 ? S Feb08 0:05 knotify
[kdeinit] knotify
rabauke 25319 11.9 4.4 66020 22836 ? S Feb08 44:14 kopete
-caption Kopete -icon kopete -miniicon kopete
rabauke 30639 1.0 2.8 47128 14868 ? S Feb08 1:52 konqueror
[kdeinit] konqueror --silent
root 4019 0.0 0.0 0 0 ? S Feb08 0:05 [pdflush]
rabauke 6267 0.1 3.9 76596 20308 ? S Feb08 0:11
kaffeine /home/rabauke/(2005.02.0Cool 21 Gramm (DVD) (noch nicht
uebernommen)/VTS_01_1.VOB
rabauke 6277 0.0 1.4 26700 7404 ? S Feb08 0:00 kio_file
[kdeinit] kio_file
file /tmp/ksocket-rabauke/klauncherFHiDTa.slave-socket /tmp/ksocket-rabauke/kaffeineISsClb.slave-socket
postfix 24106 0.0 0.2 4684 1280 ? S 01:25 0:00 pickup -l -t
fifo -u
rabauke 24116 0.0 1.6 33484 8732 ? S 01:25 0:00 kio_pop3
[kdeinit] kio_pop3
pop3 /tmp/ksocket-rabauke/klauncherFHiDTa.slave-socket /tmp/ksocket-rabauke/kontactOBkcPb.slave-socket
rabauke 29574 1.3 6.9 73028 35848 ? Sl 01:54
0:11 /opt/MozillaFirefox/lib/firefox-bin
rabauke 29595 0.0 0.4 4844 2264 ? S 01:54
0:00 /opt/gnome/lib/GConf/2/gconfd-2 11
rabauke 29625 0.1 5.9 231240 30812 ? Sl 01:54 0:01 java_vm
rabauke 30690 1.4 3.2 29048 16836 ? Ss 02:00 0:07 ksysguard
--showprocesses
rabauke 30716 0.8 0.2 3372 1268 ? S 02:00 0:04 ksysguardd
rabauke 31115 0.0 1.1 15068 5684 ? S 02:02
0:00 /opt/kde3/bin/kdesud
root 31149 0.0 1.6 22948 8736 ? S 02:02 0:00 dcopserver
[kdeinit] dcopserver --nosid --suicide
root 31153 0.0 2.2 24420 11588 ? S 02:02 0:00 kded
[kdeinit] kded
rabauke 31420 0.3 0.6 4476 3208 ? S 02:03 0:00 ispell -a -S
-C -d deutsch
rabauke 32267 5.3 2.8 31192 14932 ? S 02:08 0:00 konsole
[kdeinit] konsole
rabauke 32274 0.5 0.3 4276 1844 pts/1 Ss 02:08 0:00 /bin/bash
rabauke 32317 0.0 0.1 2372 708 pts/1 R+ 02:08 0:00 ps aux
Back to top
Google
Back to top
Display posts from previous:   
Post new topic   Reply to topic Page 1 of 1 [1 Post] View previous topic :: View next topic
The time now is Thu Jan 08, 2009 7:05 pm | All times are GMT
navigation Forum index » *nix » Linux » Distributions » Suse
Jump to:  

Similar Topics
Topic Author Forum Replies Last Post
No new posts Hiding warnings eugenio@iatmgu.com PHP 1 Mon Jul 17, 2006 3:48 pm
No new posts ACPI warnings Tom Suse 3 Sun Jul 16, 2006 6:30 am
No new posts oracle and outpost firewall colin Oracle 1 Wed Jul 12, 2006 8:46 am
No new posts US Navy attempting to patent the firewall Paul Johnson Debian 0 Fri Jul 07, 2006 6:40 pm
No new posts Oracle sql completed with warnings... Lionel Server 7 Wed Jul 05, 2006 5:11 pm

Remortgages | Loans | Mortgage | Capital One Credit Cards | Photography
Copyright © 2004-2005 DeniX Solutions SRL
 
Other DeniX Solutions sites: Unix/Linux blog |  electronics forum |  medicine forum |  science forum | 
Privacy Policy


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.1243s ][ Queries: 16 (0.0311s) ][ GZIP on - Debug on ]