[Dshield] Increase In Noise?

Glenn Jarvis gaj at sympatico.ca
Wed Jan 28 12:50:26 GMT 2004


Normally, I would get about 2 to 4 reports daily from the router (it 
emails them,only option), but for the last few days, I'm getting overloaded
with the things. I've turned the option off in the router to stop 
sending me the reports. Is the noise related to the SCO gem? Or is it 
something
else? I have added just a few lines from the log and you can see the 
time intervals...
As I've mentioned before, grc.com tells me the router is completely 
stealthed, so this has to be just noise...(just a lot of it!) :-)

Jan/28/2004 07:05:38
 Drop ICMP packet from WAN src:67.72.179.157:8 dst:67.70.196.106:0 Rule: ping disable deny
Jan/28/2004 07:03:05
 Drop ICMP packet from WAN src:67.73.187.89:8 dst:67.70.196.106:0 Rule: ping disable deny
Jan/28/2004 07:02:49
 Drop TCP packet from WAN src:67.68.49.237:2878 dst:67.70.196.106:135 Rule: Default deny
Jan/28/2004 07:01:50
 Drop ICMP packet from WAN src:67.67.138.8:8 dst:67.70.196.106:0 Rule: ping disable deny
Jan/28/2004 07:01:27
 Drop TCP packet from WAN src:65.93.18.2:3737 dst:67.70.196.106:139 Rule: Default deny
Jan/28/2004 07:01:21
 Drop TCP packet from WAN src:65.93.18.2:3737 dst:67.70.196.106:139 Rule: Default deny
Jan/28/2004 07:01:18
 Drop TCP packet from WAN src:65.93.18.2:3737 dst:67.70.196.106:139 Rule: Default deny
Jan/28/2004 07:00:52
 Drop UDP packet from WAN src:83.32.165.112:20388 dst:67.70.196.106:137 Rule: Default deny
Jan/28/2004 07:00:30
 Drop UDP packet from WAN src:193.225.21.38:1030 dst:67.70.196.106:137 Rule: Default deny
Jan/28/2004 06:59:54
 Drop UDP packet from WAN src:217.2.71.236:1026 dst:67.70.196.106:137 Rule: Default deny






More information about the list mailing list