Hi,
I get lots of TCP port 445 traffic when I do a tcpdump -n port 445. Could it be an attack?
I checked the syslog files at /var/log/syslog, which show the following:
Dec 7 00:36:40 fw01 kernel: Neighbour table overflow.
Dec 7 00:36:46 fw01 kernel: NET: 32 messages suppressed.
Dec 7 00:36:46 fw01 kernel: Neighbour table overflow.
Dec 7 00:36:51 fw01 kernel: NET: 27 messages suppressed.
Dec 7 00:36:51 fw01 kernel: Neighbour table overflow.
Dec 7 00:38:14 fw01 kernel: NET: 6 messages suppressed.
Dec 7 00:38:14 fw01 kernel: Neighbour table overflow.
When I try to ping my router IP address, I get the message below:
connect: No buffer space available
I did try running the commands below, and it does not seem to help much:
iptables -I cus2jarwan -p tcp --dport 445 -j REJECT --reject-with tcp-reset
or
iptables -I cus2jarwan -p tcp --dport 445 -j DROP
How can I stop this tcp port 445 traffic? Or how can I prevent it?
Regards, ro0ot