FIRE-WARS : Attack of the Cloaks

[klinux]

got pccillin 2002 av with firewall . just noticed today in firewall log a couple of wierd entries . if someone can explain it it will help . i got hundreds of entries as the 2 given below per day . the list reads out like Star Wars opening scroll

- Firewall,21:21:51,IN,TCP," filled with ip addresses and i think port number ",NetBIOS Browsing,
- Cloaking,21:20:11,IN,UDP," filled with ip addresses and i think port number ",Cloaking,

more weird part is i started getting these entries after i joined the digit forum . Any Clues as to what they are and what i should do to stop'em .

 

[technovice]

the list reads out like Star Wars opening scroll

more weird part is i started getting these entries after i joined the digit forum .

LOL!!
Nice topic for the post

Any Clues as to what they are and what i should do to stop'em .

SOS the Jedi Knights maybe!!!
Maybe theyve got a engineering wing!!

 

[klinux]

another day another attack !!

Firewall,00:57:22,IN,UDP,ip address,port,ip address,port,Traceroute,

can anyone decypher them ??

 

[GameAddict]

My guess...

Hi klinux,

Here is one of the entries:

Firewall,00:57:22,IN,UDP,ip address,port,ip address,port,Traceroute,

The second part- 00:57:22 -- seems to be the timestamp.
IN-Connection Type (inbound)
UDP-Protocol
ip address-Your/ or the attacker's
port-Your/or the attacker's

The above fields depend upon the settings of the log file. I too wonder what's the realtion between joining the forums and getting the above entries ???

Stumped about the last part-Traceroute???

Bye!

GA