[Firehol-support] windows messenger
Rick Marshall
rjm at zenucom.com
Thu Jun 22 02:28:43 BST 2006
Hi All,
I noticed a whole lot of messages like the following in my logs:
Jun 22 11:13:21 cgate kernel: PASS-unknown:IN=eth1 OUT=eth0
SRC=192.168.1.238 DST=207.68.178.61 LEN=40 TOS=0x00 PREC=0x00 TTL=127
ID=16928 DF PROTO=TCP SPT=1278 DPT=80 WINDOW=64685 RES=0x00 ACK FIN URGP=0
After some investigation (and fears of trojans etc) I've tracked this
down to messenger during it's start up/stop processes (sometimes :( )
Does anyone know why these packets are being blocked and logged? is it
the window size? i don't have any further info yet, but i will dig
deeper if needed.
Thanks
Rick
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rjm.vcf
Type: text/x-vcard
Size: 146 bytes
Desc: not available
URL: <http://lists.firehol.org/pipermail/firehol-support/attachments/20060622/8b724603/attachment-0002.vcf>
More information about the Firehol-support
mailing list