Hi Kai, > Flags: SYN: 1 FIN: 1 ACK: 0 PSH: 0 URG: 0 RST: 0
What is unusual here is that both the ACK and the FIN flags were set. This never happens during a regular TCP/IP connection. So someone was most likely sending manually crafted packets your way, or using some kind of security auditing tool. I don't want to bore you with the details. If you're interested you can read them up here: http://www.cs.cornell.edu/courses/cs414/2001SP/lectures/TCPIP.pdf -- With best regards, Michael Stauber [EMAIL PROTECTED] Unix/Linux Support Engineer _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
