-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sunday 20 October 2002 09:19 pm, steveo@syslang.net wrote: > I am only getting these messages because I have outbound packets with > destination port 7 blocked. I think I may have been compromised in some > way, just because the packets are outbound. They seem to come in groups > of 6 at seemingly random intervals and seem to be focused on the > following addresses: > 216.52.13.9[014] and 209.204.62.150 > > I have a number of questions about how to deal with this issue: > > 1. How can I find out what program is running to produce this? > 2. Is anyone else getting messages like this in their syslog? (You > would need your firewall to block appropriately to see this.) > 3. Is there any way that I can get access to those packets and see what > the message is that they are trying to send? It would appear you are not alone. There have been other reports of the same behaviour. 209.204.62.150 resolves to razor.pacificnet.net. The other addresses don't resolve. Searching on google for that returns several hits, the first 2 being dead links. Not much info, and no real answer that I saw. http://www.google.com/search?q=%22razor.pacificnet.net%22&hl=en&lr=&ie=UTF-8&oe=UTF-8&filter=0 - -- - -Michael pgp key: http://www.tuxfan.homeip.net:8080/gpgkey.txt Red Hat Linux 7.{2,3} in 8M of RAM: http://www.rule-project.org/ - -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9s3Cnn/07WoAb/SsRAj9uAJ9bydua79MFYU3CKowPwupy1B3Z5ACcD1HK e4kVj+19N9mmdL8PWv2JFgY= =touv -----END PGP SIGNATURE----- -- Psyche-list mailing list Psyche-list@redhat.com https://listman.redhat.com/mailman/listinfo/psyche-list
