[Firehol-support] windows messenger

Rick Marshall rjm at zenucom.com
Thu Jun 22 02:28:43 BST 2006

Hi All,

I noticed a whole lot of messages like the following in my logs:

Jun 22 11:13:21 cgate kernel: PASS-unknown:IN=eth1 OUT=eth0 
SRC= DST= LEN=40 TOS=0x00 PREC=0x00 TTL=127 
ID=16928 DF PROTO=TCP SPT=1278 DPT=80 WINDOW=64685 RES=0x00 ACK FIN URGP=0

After some investigation (and fears of trojans etc) I've tracked this 
down to messenger during it's start up/stop processes (sometimes :( )

Does anyone know why these packets are being blocked and logged? is it 
the window size? i don't have any further info yet, but i will dig 
deeper if needed.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: rjm.vcf
Type: text/x-vcard
Size: 146 bytes
Desc: not available
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20060622/8b724603/attachment-0002.vcf>

More information about the Firehol-support mailing list