Steve Simmons <[email protected]> writes: > On Mar 10, 2011, at 10:46 AM, Claudio Prono wrote:
>> I have found some strange logs from a windows Client to my AFS: >> Mar 9 14:52:22 afs kernel: [8648828.273271] UDP: short packet: From >> xxx.xxx.xxx.68:7001 88/73 to xxx.xxx.xxx.xxx:7000 >> Mar 9 15:16:39 afs kernel: [8650285.187992] UDP: short packet: From >> xxx.xxx.xxx.68:7001 78/73 to xxx.xxx.xxx.xxx:7000 >> Mar 9 16:28:58 afs kernel: [8654623.984326] UDP: short packet: From >> xxx.xxx.xxx.68:7001 76/73 to xxx.xxx.xxx.xxx:7000 >> Any idea of what can be? I have looked at the Client, but all seems ok.... > We have occasionally seen these. Other folks here tell me it's usually > due to low-quality hacking tools doing UDP-based probes. When they > happen here, the source address is always from various places > off-campus. That was my first thought as well, but it's a fairly huge coincidence for a generic hacking tool to connect to port 7000 from source port 7001. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
