From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from goliath.sylaba.poznan.pl ([195.216.104.3] ident=root)
	by speech.braille.uwo.ca with esmtp (Exim 3.32 #1 (Debian))
	id 16KQ0d-0004qX-00
	for <speakup@braille.uwo.ca>; Sat, 29 Dec 2001 15:23:11 -0500
Received: from Cybertsar (ppp13.sylaba.poznan.pl [195.216.104.113])
	by goliath.sylaba.poznan.pl (8.11.6/8.10.1) with SMTP id fBTKNAe18698
	for <speakup@braille.uwo.ca>; Sat, 29 Dec 2001 21:23:11 +0100 (CET)
Message-ID: <000001c190a6$9e5de8d0$0100a8c0@Cybertsar>
From: "Victor Tsaran" <tsar@sylaba.poznan.pl>
To: <speakup@braille.uwo.ca>
References: <20011228205446.A899@uic.edu>
Subject: Re: Is someone trying to hack me?
Date: Sat, 29 Dec 2001 14:54:53 +0100
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: speakup-admin@braille.uwo.ca
Errors-To: speakup-admin@braille.uwo.ca
X-BeenThere: speakup@braille.uwo.ca
X-Mailman-Version: 2.0.7
Precedence: bulk
Reply-To: speakup@braille.uwo.ca
List-Help: <mailto:speakup-request@braille.uwo.ca?subject=help>
List-Post: <mailto:speakup@braille.uwo.ca>
List-Subscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=subscribe>
List-Id: Speakup is a screen review system for Linux. <speakup.braille.uwo.ca>
List-Unsubscribe: <http://speech.braille.uwo.ca/mailman/listinfo/speakup>,
	<mailto:speakup-request@braille.uwo.ca?subject=unsubscribe>
List-Archive: <http://speech.braille.uwo.ca/pipermail/speakup/>

Perhaps it is one of the search engines scanning.
Best,
Vic

----- Original Message -----
From: "Gregory Nowak" <gnowak1@uic.edu>
To: <speakup@braille.uwo.ca>
Sent: Saturday, December 29, 2001 3:54 AM
Subject: Is someone trying to hack me?


> Hi all,
>
> I thought I'd ask this, since I've been seeing some strange things in
/var/adm/kernel lately, and wasn't exactly sure what the hell theese were.
> Below is an example out of /var/adm/kernel. Note that I've replaced my ip
address below with "myip".
>
>
>
> Dec 28 20:04:32 linserver kernel: IN=eth0 OUT=
MAC=00:50:da:7c:fe:24:00:02:17:61:40:60:08:00 SRC=216.148.218.197 DST=myip
LEN=88 TOS=0x00 PREC=0xC0 TTL=245 ID=16488 PROTO=ICMP TYPE=3 CODE=3
[SRC=myip DST=216.148.218.197 LEN=60 TOS=0x00
> PREC=0x00 TTL=56 ID=51822 DF PROTO=TCP SPT=1192 DPT=21 WINDOW=5840
RES=0x00 SYN URGP=0 ]
>
>
>
> So, is someone trying to hack my box? If not, then what is this stuff
anyway? It looks like one of the packates is a ping packate, but I'm not
sure. Yes, I have my firewall script log pings.
> Thanks for any explanations.
> Greg
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
>
>