Koozali.org: home of the SME Server

am i getting hacked

ldavies

am i getting hacked
« on: April 11, 2004, 06:13:58 PM »
and how will I know if they succeeded???

This was what I got in the message log:

Apr 11 06:57:21 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.80.174 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=59485 DF PROTO=TCP SPT=3766 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 06:57:27 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.80.174 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=59661 DF PROTO=TCP SPT=3766 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 06:58:17 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=193.40.8.178 DST=68.166.34.32 LEN=39 TOS=0x00 PREC=0x00 TTL=110 ID=30658 PROTO=UDP SPT=57874 DPT=33758 LEN=19
Apr 11 06:59:57 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.123.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=50403 DF PROTO=TCP SPT=2280 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:00:00 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.123.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=50704 DF PROTO=TCP SPT=2280 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:00:06 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.123.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=51530 DF PROTO=TCP SPT=2280 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:14:56 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.126.203.92 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=17411 DF PROTO=TCP SPT=1306 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:20:33 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.235 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15799 DF PROTO=TCP SPT=3223 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Apr 11 07:20:36 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.235 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15929 DF PROTO=TCP SPT=3223 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Apr 11 07:20:42 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.235 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=16143 DF PROTO=TCP SPT=3223 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Apr 11 07:29:30 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=213.48.83.241 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=115 ID=11811 DF PROTO=TCP SPT=4447 DPT=135 WINDOW=8760 RES=0x00 SYN URGP=0
Apr 11 07:29:48 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.217.98 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=14892 DF PROTO=TCP SPT=3275 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:29:51 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.217.98 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15055 DF PROTO=TCP SPT=3275 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:29:57 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.217.98 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15338 DF PROTO=TCP SPT=3275 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:33:52 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=193.40.8.178 DST=68.166.34.32 LEN=39 TOS=0x00 PREC=0x00 TTL=110 ID=24957 PROTO=UDP SPT=57874 DPT=33758 LEN=19
Apr 11 07:37:46 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.160.36.97 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=3073 DF PROTO=TCP SPT=3551 DPT=135 WINDOW=65280 RES=0x00 SYN URGP=0
Apr 11 07:37:55 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.119.170.147 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=50556 DF PROTO=TCP SPT=3166 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:37:56 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=62.67.200.67 DST=68.166.34.32 LEN=40 TOS=0x00 PREC=0x00 TTL=55 ID=0 DF PROTO=TCP SPT=6667 DPT=1920 WINDOW=0 RES=0x00 ACK RST URGP=0
Apr 11 07:41:15 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=207.5.252.187 DST=68.166.34.32 LEN=695 TOS=0x00 PREC=0x00 TTL=109 ID=51522 PROTO=UDP SPT=4883 DPT=1027 LEN=675
Apr 11 07:54:15 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=204.132.145.179 DST=68.166.34.32 LEN=838 TOS=0x00 PREC=0x00 TTL=116 ID=12871 PROTO=UDP SPT=15274 DPT=1026 LEN=818
Apr 11 07:54:16 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=204.119.76.57 DST=68.166.34.32 LEN=838 TOS=0x00 PREC=0x00 TTL=116 ID=17737 PROTO=UDP SPT=5545 DPT=1027 LEN=818
Apr 11 07:57:07 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=193.40.8.178 DST=68.166.34.32 LEN=39 TOS=0x00 PREC=0x00 TTL=110 ID=9352 PROTO=UDP SPT=57874 DPT=33758 LEN=19
Apr 11 08:07:47 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=211.219.163.161 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=62134 DF PROTO=TCP SPT=3990 DPT=65506 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 11 08:07:50 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=211.219.163.161 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=63775 DF PROTO=TCP SPT=3990 DPT=65506 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 11 08:07:56 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=211.219.163.161 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=117 ID=1912 DF PROTO=TCP SPT=3990 DPT=65506 WINDOW=64800 RES=0x00 SYN URGP=0
Apr 11 08:08:08 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.217.98 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=57449 DF PROTO=TCP SPT=4371 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 08:13:11 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.245.38 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=33409 DF PROTO=TCP SPT=2820 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:13:14 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.245.38 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=33497 DF PROTO=TCP SPT=2820 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:13:20 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.165.245.38 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=33671 DF PROTO=TCP SPT=2820 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:14:49 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.130 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=13576 DF PROTO=TCP SPT=2694 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:14:52 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.130 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=13877 DF PROTO=TCP SPT=2694 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:14:58 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.167.247.130 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=14802 DF PROTO=TCP SPT=2694 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:19:07 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=217.185.231.177 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=56249 DF PROTO=TCP SPT=2447 DPT=135 WINDOW=32767 RES=0x00 SYN URGP=0
Apr 11 08:22:00 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=206.0.69.171 DST=68.166.34.32 LEN=838 TOS=0x00 PREC=0x00 TTL=116 ID=37099 PROTO=UDP SPT=9234 DPT=1028 LEN=818
Apr 11 08:23:24 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=193.40.8.178 DST=68.166.34.32 LEN=39 TOS=0x00 PREC=0x00 TTL=110 ID=9594 PROTO=UDP SPT=57874 DPT=33758 LEN=19
Apr 11 08:24:51 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=201.129.181.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=275 DF PROTO=TCP SPT=4300 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:24:54 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=201.129.181.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=421 DF PROTO=TCP SPT=4300 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:24:56 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=201.129.181.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=474 DF PROTO=TCP SPT=4356 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:24:59 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=201.129.181.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=574 DF PROTO=TCP SPT=4356 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:25:05 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=201.129.181.19 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=112 ID=806 DF PROTO=TCP SPT=4356 DPT=135 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:25:32 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=206.165.182.33 DST=68.166.34.32 LEN=200 TOS=0x00 PREC=0x00 TTL=53 ID=0 DF PROTO=UDP SPT=10500 DPT=33182 LEN=180
Apr 11 08:26:09 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=69.93.210.202 DST=68.166.34.32 LEN=766 TOS=0x00 PREC=0x00 TTL=119 ID=32301 PROTO=UDP SPT=27668 DPT=1026 LEN=746
Apr 11 08:26:48 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=193.40.8.178 DST=68.166.34.32 LEN=39 TOS=0x00 PREC=0x00 TTL=110 ID=19159 PROTO=UDP SPT=57874 DPT=33758 LEN=19
Apr 11 08:29:05 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.166.66.247 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15395 DF PROTO=TCP SPT=3009 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:29:08 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=68.166.66.247 DST=68.166.34.32 LEN=48 TOS=0x00 PREC=0x00 TTL=119 ID=15472 DF PROTO=TCP SPT=3009 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
Apr 11 08:32:48 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=66.234.136.230 DST=68.166.34.32 LEN=404 TOS=0x00 PREC=0x00 TTL=118 ID=31362 PROTO=UDP SPT=1042 DPT=1434 LEN=384

RavenIV

Re: am i getting hacked
« Reply #1 on: April 12, 2004, 02:00:10 AM »
Quote from: "ldavies"

... denylog:IN=ppp0 OUT= MAC= SRC=68.167.80.174 ...


As you see in the logfile: "denylog".
The access to your server is denied.
This is a "normal" problem, because we all get scanned for open ports or something else.
If you want to get rid of these log entries, try a search for "firewall" in the forum.
There is a command to set the logging options of the firewall.

cheers klaus
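
Added example (not part of the original thread): one way to turn a long run of denylog entries like the ones in the first post into a per-port summary, so that repeated lines from the same source address and source port are counted as retransmissions of one connection attempt rather than as separate probes. The sample lines are constructed in the same format, using documentation-range addresses; the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample lines in the "denylog:" format shown in the post.
# Addresses come from the RFC 5737 documentation ranges, not from the thread.
SAMPLE = """\
Apr 11 06:57:21 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.1 LEN=48 TTL=119 ID=101 DF PROTO=TCP SPT=3766 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 06:57:27 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=192.0.2.10 DST=198.51.100.1 LEN=48 TTL=119 ID=102 DF PROTO=TCP SPT=3766 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 06:59:57 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=192.0.2.20 DST=198.51.100.1 LEN=48 TTL=119 ID=201 DF PROTO=TCP SPT=2280 DPT=135 WINDOW=64240 RES=0x00 SYN URGP=0
Apr 11 07:20:33 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=192.0.2.30 DST=198.51.100.1 LEN=48 TTL=119 ID=301 DF PROTO=TCP SPT=3223 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Apr 11 07:20:36 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=192.0.2.30 DST=198.51.100.1 LEN=48 TTL=119 ID=302 DF PROTO=TCP SPT=3223 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Apr 11 07:41:15 webby kernel: denylog:IN=ppp0 OUT= MAC= SRC=203.0.113.5 DST=198.51.100.1 LEN=695 TTL=109 ID=401 PROTO=UDP SPT=4883 DPT=1027 LEN=675
Apr 11 07:42:00 webby sshd[123]: unrelated line without the firewall prefix
"""

KV = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; value may be empty (OUT=, MAC=)

def parse(line):
    """Return the KEY=value fields of a denylog line, or None for other lines."""
    _, sep, rest = line.partition("denylog:")
    if not sep:
        return None
    return dict(KV.findall(rest))

def summarize(text):
    """Map (proto, dest port) -> (packets, distinct sources, distinct attempts)."""
    stats = defaultdict(lambda: {"packets": 0, "sources": set(), "attempts": set()})
    for line in text.splitlines():
        f = parse(line)
        if f is None or "DPT" not in f:  # skip non-firewall lines and port-less protocols
            continue
        s = stats[(f["PROTO"], int(f["DPT"]))]
        s["packets"] += 1
        s["sources"].add(f["SRC"])
        # Same source address and source port means the sender is retrying
        # one connection attempt, so it is counted once here.
        s["attempts"].add((f["SRC"], f["SPT"]))
    return {k: (v["packets"], len(v["sources"]), len(v["attempts"])) for k, v in stats.items()}

if __name__ == "__main__":
    for (proto, port), (pk, src, att) in sorted(summarize(SAMPLE).items()):
        print(f"{proto}/{port}: {pk} denied packets, {src} sources, {att} attempts")
```

Every line counted here carries the denylog prefix, so each of these packets was denied at the firewall, as the reply above points out.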