Find the answer to your Linux question:
Results 1 to 4 of 4
hello-- im running slackware 11.0 on my acer laptop... i have a dsl connection, and when im connected, i occasionally get this message on tty1: IN=ppp0 OUT= MAC= SRC=69.196.142.31 DST=220.160.157.206 ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2006
    Posts
    4

    newbie question--persistent network message


    hello--

    im running slackware 11.0 on my acer laptop... i have a dsl connection, and when im connected, i occasionally get this message on tty1:

    IN=ppp0 OUT= MAC= SRC=69.196.142.31 DST=220.160.157.206 LEN=64 TOS=0x00 PREC=0x00 TTL=46 ID=38634 DF PROTO=TCP SPT=49623 DPT=6881 WINDOW=65535 RES=0x00 SYN URGP=0
    IN=ppp0 OUT= MAC= SRC=86.139.183.231 DST=220.160.157.206 LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=42513 DF PROTO=TCP SPT=3882 DPT=6881 WINDOW=65535 RES=0x00 SYN URGP=0
    IN=ppp0 OUT= MAC= SRC=86.139.183.231 DST=220.160.157.206 LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=42577 DF PROTO=TCP SPT=3882 DPT=6881 WINDOW=65535 RES=0x00 SYN URGP=0
    IN=ppp0 OUT= MAC= SRC=200.90.253.154 DST=220.160.157.206 LEN=48 TOS=0x00 PREC=0x00 TTL=109 ID=48023 DF PROTO=TCP SPT=4692 DPT=6881 WINDOW=64800 RES=0x00 SYN URGP=0

    ... and it keeps coming up... i can't even type because it will interrupt me. fortunately, this message doesn't show up all the time. it'll flood the screen for a while, and then sometimes it doesn't come up at all.

    thanks in advance for any help.

    best,

    tobias

  2. #2
    Just Joined!
    Join Date
    Jun 2006
    Posts
    12

    try netstat

    the good ol utility netstat will tell you where and what the heck is going on, I believe the command is #netstat -an what I do is run bash scripts with the necessary netstat commands to check up on what is going on with cron jobs. There are pre-written scripts available to do cron jobs and pipe them to a log anywhere you chose. Using buttoned up guis for the purpose is not as effective. But there are distro specific utilities to do this. Slackware just lets you make up your own utilities. If you are worried that something might have put a trojan on your system then get the utility chkrootkit something sounds fishy about the 69.196.142.31 url
    Either that or you have a server that does not like linux! I suspect that your ip's mail server might be a cause some of the trouble. Some isp mail servers are down right hostile to linux. If you have your mail set up to interval check then there might be something going on there. There is also the possibility that you have something launching behind your back. Keep top running in a # terminal for a while to see if there is some program causing the trouble.

  3. #3
    Linux Enthusiast
    Join Date
    Jun 2005
    Posts
    668
    thats just iptables log output

    if this is slackware , edit /etc/rc.d/rc.firewall as root, and comment out the logging lines, then re-run the firewall script, as long as it is decently written and flushes out the iptables, or you can reboot.

    it should then go away, but you wont be able to log iptables connections, I turn it off on my server though too as it gets annoying

  4. $spacer_open
    $spacer_close
  5. #4
    Just Joined!
    Join Date
    Nov 2006
    Posts
    4
    thanks to both of you, this is quite helpful. i'll be sure to pass on the good karma.

    best,

    -tobias

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •