Hi, I'm a newbie of astaro and world of Firewall
I' have actived SIP ad anormaly traffic on my astaro 6.104
I received most alert of anormaly traffic:
2006:02:07-14:50:29 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.47.12:53
> 2006:02:07-14:50:29 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.47.145:53
> 2006:02:07-14:50:31 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.46.81:53
> 2006:02:07-14:50:33 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.46.82:53
> 2006:02:07-14:50:35 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.46.82:53
> 2006:02:07-14:50:35 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.46.81:53
> 2006:02:07-14:50:37 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.47.145:53
> 2006:02:07-14:50:37 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.46.81:53
> 2006:02:07-14:50:38 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.47.12:53
> 2006:02:07-14:50:39 Anomaly A Non-live dest used: local dest,
> udp: 1.0000 UDP 192.168.1.2:33298 -> 204.152.47.12:53
I don't use this server dns for my Lan.
192.168.1.2 is the ip of my external eth. My lan is 192.168.0.*
Can you help me to understand what's this traffic that astaro intercepted?
This thread was automatically locked due to age.
