Hi Leon, if someone is trying to register of start a call, you should see a RegistrationRequest or a Setup from that IP in your trace and your authentication policies should block it. If you don't see any messages from those IPs, maybe somebody is doing port scans on your server ? Regards, Jan Leon Li wrote: > Hi all, > > I saw the following logs in my gnugk constantly. The port is changing every time. However, I can't see any TCP connections on those IP at all. > > 2012/06/28 04:51:06.469 3 yasocket.cxx(799) Q931s Delete socket 111.118.164.210:41433 > 2012/06/28 04:51:12.718 3 yasocket.cxx(799) Q931s Delete socket 202.73.56.236:58301 > > Are there some actions try to register or setup calls (Q931)? Any suggestion on stopping this? > > Regards, > Leon -- Jan Willamowius, jan@xxxxxxxxxxxxxx, http://www.gnugk.org/ ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
