[ILUG] Weirdo firewall kern.log

From: Martin Feeney (martin at domain tuatha.org)
Date: Thu 11 May 2000 - 18:06:09 IST


Is this a hack attempt or just someone (dt065n72.san.rr.com) with a very
strangely configured DNS?

rr.com is Roadrunner (cable access company in the States), so I'm guessing
it's just a user with misconfigured DNS settings (probably Windows using
DNS broadcast for WINS stuff).

May 9 08:12:50 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=61930 F=0x4000 T=44 SYN (#42)
May 9 08:12:50 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=61938 F=0x4000 T=44 SYN (#42)
May 9 08:12:53 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=62059 F=0x4000 T=44 SYN (#42)
May 9 08:12:53 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=62072 F=0x4000 T=44 SYN (#42)
May 9 08:12:59 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=62245 F=0x4000 T=44 SYN (#42)
May 9 08:12:59 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=62250 F=0x4000 T=44 SYN (#42)
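
An added example, not part of the original post: a small Python parser for the ipchains "Packet log" entries quoted above, which groups them by source/destination address and port and reports the seconds between repeats. The regex group names are labels chosen here, and the year 2000 is an assumption taken from the post's date header, because syslog timestamps omit the year.

```python
import re
from collections import defaultdict
from datetime import datetime

# The six entries from the post, each rejoined onto one line.
LOG = """\
May 9 08:12:50 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=61930 F=0x4000 T=44 SYN (#42)
May 9 08:12:50 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=61938 F=0x4000 T=44 SYN (#42)
May 9 08:12:53 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=62059 F=0x4000 T=44 SYN (#42)
May 9 08:12:53 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=62072 F=0x4000 T=44 SYN (#42)
May 9 08:12:59 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2475 255.255.255.255:53 L=60 S=0x00 I=62245 F=0x4000 T=44 SYN (#42)
May 9 08:12:59 banba kernel: Packet log: input DENY eth1 PROTO=6 24.30.156.114:2482 255.255.255.255:53 L=60 S=0x00 I=62250 F=0x4000 T=44 SYN (#42)
"""

# ipchains packet-log layout: chain, action, interface, IP protocol number,
# src:port, dst:port, length, TOS, IP ID, fragment field, TTL, SYN flag, rule.
LINE = re.compile(
    r"(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) kernel: Packet log: "
    r"(?P<chain>\S+) (?P<action>\S+) (?P<iface>\S+) PROTO=(?P<proto>\d+) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"L=(?P<len>\d+) S=(?P<tos>\S+) I=(?P<ipid>\d+) F=(?P<frag>\S+) "
    r"T=(?P<ttl>\d+)(?P<syn> SYN)? \(#(?P<rule>\d+)\)"
)

def parse(text):
    """Return one dict per recognised ipchains log entry."""
    return [m.groupdict() for m in map(LINE.search, text.splitlines()) if m]

def retry_gaps(entries, year=2000):
    """Group entries by TCP 4-tuple; return seconds between repeats."""
    seen = defaultdict(list)
    for e in entries:
        # Assumed year (from the post's date header); only gaps are used.
        t = datetime.strptime(f"{year} {e['ts']}", "%Y %b %d %H:%M:%S")
        seen[(e["src"], e["sport"], e["dst"], e["dport"])].append(t)
    return {k: [int((b - a).total_seconds()) for a, b in zip(v, v[1:])]
            for k, v in seen.items()}

if __name__ == "__main__":
    for flow, gaps in retry_gaps(parse(LOG)).items():
        print(flow, "repeat gaps (s):", gaps)
```

On these lines each of the two source ports repeats after 3 and then 6 seconds, the doubling interval a TCP stack produces when it retransmits an unanswered SYN. Read that way, the six entries are two connection attempts with their retries.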


