UDP od 10.102.1.145

Magus magus na snailmail.ch
Pátek Říjen 15 20:11:50 CEST 2004


No prave, s tim linuxem mi to taky prislo divny. V priloze prikladam log z 
firewallu Agnitum Outpost Pro 2 (konkretne sekce podezrele pakety - 
suspicious packets, ktere mi prisly za posledni tri dny z dooru; vlevo 
datum/cas, uprostred IP adresa, vpravo potom port). Moje IP je 192.168.163.3


"Tomas Tichy" <tichy na math.cas.cz> píše v diskusním příspěvku 
news:mailman.497.1097861885.1922.kladno na sluzby.klfree.net...
> On Fri, Oct 15, 2004 at 06:02:39PM +0200, Magus wrote:
>> Posledni dobou se tahle IP adresa : 10.202.1.145 stale snazi o spojeni na
> tato IP adresa prislusi pocitaci door.klfree.net, tedy gateway do 
> internetu
> pres firmu Inway, pomalu jsme zacali precislovavat sit precislovanim
> routeru.
>
>> UDP portech : 1033,1026,1030,1057,1027,1029,1028 . Firewall mi vypisuje, 
>> ze
>> na moji strane je komunikace smerovana na svchost.exe
>> Muzu se zeptat, co to je za sluzbu ? Jestli to tedy mam povolit nebo 
>> naopak
>> nechat zablokovane ?
> Co to je netusim... na dooru, pokud vim, nic takoveho nebezi. Ze by to byl
> virus dost pochybuju, vzhledem k tomu, ze tam je linux ;-).
>
> Zajimaly by me nejake podrobnosti - jako jak casto se snazi o spojeni
> a na kterou ip adresu...?
>
> Tom
> 


begin 666 fwlog.log
M,3DZ,S,Z,3<),3 N,3 R+C$N,30U"4E#35 @*#(P-#@I#0HQ.3HQ,CHQ, DQ
M,"XQ,#(N,2XQ-#4)5410("@Q,#0W*0T*,3 na Z-3<Z,C,),3 N,3 R+C$N,30U
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M*#$P,S I#0HV.C,U.C,U"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ
M,"XR,# T(#(Q.C(R.C,V"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ
M,"XR,# T(#(Q.C P.C0Q"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ
M,"XR,# T(#(P.C4P.C U"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ
M,"XR,# T(#(P.C$Q.C4U"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ
M,"XR,# T(#DZ-#0Z,#@),3 N,3 R+C$N,30U"55$4" H,3 S,"D-"C$T+C$P
M+C(P,#0 na .3HT,SHS-PDQ,"XQ,#(N,2XQ-#4)5410("@Q,#(X*0T*,30N,3 N
M,C P-" Y.C0S.C$R"3$P+C$P,BXQ+C$T-0E51% @*#$P,C8I#0HQ-"XQ,"XR
M,# T(#DZ-#(Z,C ),3 N,3 R+C$N,30U"55$4" H,3 S,"D-"C$T+C$P+C(P
M,#0 na .3HR.#HU,0DQ,"XQ,#(N,2XQ-#4)5410("@Q,#,P*0T*,30N,3 N,C P
M-" Y.C$S.C4S"3$P+C$P,BXQ+C$T-0E51% @*#$P,S I#0HQ-"XQ,"XR,# T
M(#@Z-#4Z,S(),3 N,3 R+C$N,30U"55$4" H,3 R-BD-"C$T+C$P+C(P,#0@
M.#HT-3HS, na DQ,"XQ,#(N,2XQ-#4)5410("@Q,#(X*0T*,30N,3 N,C P-" X
M.C0Q.C,Q"3$P+C$P,BXQ+C$T-0E51% @*#$P,C na I#0HQ-"XQ,"XR,# T(#@Z
M,SDZ,S@),3 N,3 R+C$N,30U"55$4" H,3 R."D-"C$T+C$P+C(P,#0 na .#HR
M.#HU,0DQ,"XQ,#(N,2XQ-#4)5410("@Q,#(V*0T*,30N,3 N,C P-" X.C(U
M.C(P"3$P+C$P,BXQ+C$T-0E51% @*#$P,S I#0HQ-"XQ,"XR,# T(#<Z-#<Z
M,38),3 N,3 R+C$N,30U"55$4" H,3 R-BD-"C$T+C$P+C(P,#0 na -SHQ,#HP
M-PDQ,"XQ,#(N,2XQ-#4)5410("@Q,#(V*0T*,30N,3 N,C P-" W.C S.C0R
M"3$P+C$P,BXQ+C$T-0E51% @*#$P,S I#0HQ-"XQ,"XR,# T(#<Z,#,Z-#()
M,3 N,3 R+C$N,30U"55$4" H,3 R."D-"C$T+C$P+C(P,#0 na -SHP,SHT, na DQ
M,"XQ,#(N,2XQ-#4)5410("@Q,#(W*0T*,3,N,3 N,C P-" R,SHQ,CHR,0DQ
M,"XQ,#(N,2XQ-#4)5410("@Q,#(Y*0T*,3,N,3 N,C P-" R,CHS,CHS-0DQ
6,"XQ,#(N,2XQ-#4)5410("@Q,#(X*0``
`
end


