[CentOS-es] mensajes extraños log messages
troxlinux
xserverlinux en gmail.com
Vie Dic 2 11:17:23 EST 2011
Señores ayer tuve una caída de mi red no podía accesar a ningún
servicio como Internet y correo , y veo en mi proxy / firewall estos
mensajes extraños q aun no acabo de comprender , creo que fui atacado
internamente .. tuve asi por lapso de 4 horas , alguna idea?
les muestro algo raro de mi log
Dec 1 09:28:55 proxyf kernel: printk: 1 messages suppressed.
Dec 1 09:28:55 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.9.32 ignored.
Dec 1 09:28:55 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.9.32
Dec 1 09:28:56 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.86 ignored.
Dec 1 09:28:56 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.86
Dec 1 09:28:56 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.86 ignored.
Dec 1 09:28:56 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.86
Dec 1 09:28:56 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.86 ignored.
Dec 1 09:28:56 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.86
Dec 1 09:29:01 proxyf kernel: printk: 3 messages suppressed.
Dec 1 09:29:01 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.172 ignored.
Dec 1 09:29:01 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.172
Dec 1 09:29:40 proxyf kernel: printk: 2 messages suppressed.
Dec 1 09:29:40 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.9.16 ignored.
Dec 1 09:29:40 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.9.16
Dec 1 09:30:07 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.10 ignored.
Dec 1 09:30:07 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.10
Dec 1 09:18:58 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.143 ignored.
Dec 1 09:18:58 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.143
Dec 1 09:18:58 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.172 ignored.
Dec 1 09:18:58 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.172
Dec 1 09:19:00 proxyf kernel: Shorewall:net2fw:DROP:IN=eth1 OUT=
MAC=00:e0:29:67:e2:9e:00:21:9b:39:22:ee:08:00 SRC=172.16.9.113
DST=172.16.8.49 LEN=48 TOS=0x00 PREC=0x00 TTL=128 ID=9701 DF PROTO=TCP
SPT=49442 DPT=808 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 1 09:19:14 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.9.16 ignored.
Dec 1 09:19:14 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.9.16
Dec 1 09:19:46 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.9.200 ignored.
Dec 1 09:19:46 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.9.200
Dec 1 09:20:07 proxyf kernel: Redirect from 172.16.9.186 on eth1
about 172.16.8.10 ignored.
Dec 1 09:20:07 proxyf kernel: Advised path = 172.16.8.49 -> 172.16.8.10
Dec 1 09:20:08 proxyf snmpd[2849]: Connection from UDP: [172.16.8.49]:57555
Dec 1 09:20:08 proxyf snmpd[2849]: Received SNMP packet(s) from UDP:
[172.16.8.49]:57555
Dec 1 09:20:08 proxyf snmpd[2849]: Connection from UDP: [172.16.8.49]:46999
Dec 1 09:20:08 proxyf snmpd[2849]: Received SNMP packet(s) from UDP:
[172.16.8.49]:46999
Dec 1 09:20:08 proxyf snmpd[2849]: Connection from UDP: [172.16.8.49]:52057
Dec 1 09:20:08 proxyf snmpd[2849]: Received SNMP packet(s) from UDP:
[172.16.8.49]:52057
Dec 1 09:20:08 proxyf snmpd[2849]: Connection from UDP: [172.16.8.49]:43959
Dec 1 09:20:08 proxyf snmpd[2849]: Received SNMP packet(s) from UDP:
[172.16.8.49]:43959
Dec 1 09:20:08 proxyf snmpd[2849]: Connection from UDP: [172.16.8.49]:55442
Dec 1 09:20:08 proxyf snmpd[2849]: Received SNMP packet(s) from UDP:
[172.16.8.49]:55442
--
rickygm
http://gnuforever.homelinux.com
Más información sobre la lista de distribución CentOS-es