Portsentry reported this:
Active System Attack Alerts
=-=-=-=-=-=-=-=-=-=-=-=-=-=
Oct 17 20:36:51 hornet portsentry[642]: attackalert: UDP scan
from
host: 1Cust222.tnt5.phoenix2.az.da.uu.net/63.16.193.222 to UDP
port:
161
Oct 17 20:36:51 hornet portsentry[642]: attackalert: Host
63.16.193.222 has been blocked via wrappers with string: "ALL:
63.16.193.222"
Oct 17 20:36:51 hornet portsentry[642]: attackalert: Host
63.16.193.222 has been blocked via dropped route using command:
"/sbin/route add -host 63.16.193.222 reject"
Zone alarm also reported this person did a syn scan on my win 98
box. Is there anything else that I should check?
I have some ipchains rules set up, that will deny most anything
incoming. But I want to be on the safe side. :-)
Dan
