Hello,
today all day, every 5 minutes my log would get an entry like this:
UDP Drop: IN=ppp0 OUT= MAC= SRC=216.45.66.121 DST=221.my.ip.x LEN=30 TOS=0x00 PREC=0x00 TTL=120 ID=38360 PROTO=UDP SPT=2507 DPT=5651 LEN=10
The source port would also sometimes be 2506, but DPT would always be the same. I have done some internet searching but could not find what 5651 is used for.
So it makes me uneasy knowing that some weird IP is trying to access my firewall/network in weird ways. I am just curious what is the protocol when you see something like this? Should I just block out all traffic from this machine? Should I sit back and smile because Astaro is taking care of everything for me? Just wondering how you experienced users deal with this sort of thing.
thanks,
-roman
This thread was automatically locked due to age.
