derRichard
16.02.03, 19:18
hallo!
ich bekomme zur zeit viele anfrage an diverse ports von unterschiedlichen hosts aber der quellport ist immer 4662/4661.
ist das edonkey?
Feb 16 18:15:01 firewall pf: Feb 16 18:06:48.674678 rule 6/0(match): block in on ne4: 80.141.102.166.4662 > 81.16.104.6.53148: F 57238070:57238070(0) ack 1063892219 win 32419 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:02.722819 rule 6/0(match): block in on ne4: 217.234.238.77.4662 > 81.16.104.6.64363: F 1832795851:1832795851(0) ack 1071441188 win 64030 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:25.938547 rule 6/0(match): block in on ne4: 217.187.71.125.4662 > 81.16.104.6.51014: F 1024603454:1024603454(0) ack 1086571138 win 32008 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:35.413506 rule 6/0(match): block in on ne4: 80.223.57.242.4662 > 81.16.104.6.54363: F 916299030:916299030(0) ack 1089276483 win 64036 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:37.649469 rule 6/0(match): block in on ne4: 213.99.180.187.4662 > 81.16.104.6.56962: S 1141791418:1141791418(0) ack 1107258566 win 8760 <mss 1460,nop,nop,sackOK> (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:43.382927 rule 6/0(match): block in on ne4: 217.227.32.55.4661 > 81.16.104.6.52440: F 2143046092:2143046092(0) ack 1081448295 win 63962 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:43.766700 rule 6/0(match): block in on ne4: 80.8.218.51.4662 > 81.16.104.6.54022: F 1946970890:1946970890(0) ack 1094363123 win 64522 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:00.218399 rule 6/0(match): block in on ne4: 81.51.6.166.4662 > 81.16.104.6.58420: F 3843388739:3843388739(0) ack 1099754391 win 17338 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:22.576821 rule 6/0(match): block in on ne4: 62.99.207.153.4662 > 81.16.104.6.59583: F 4218438183:4218438183(0) ack 1107424486 win 65257 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:37.647726 rule 6/0(match): block in on ne4: 66.168.251.235.4662 > 81.16.104.6.54480: F 132170350:132170350(0) ack 1111996720 win 32557 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:38.610741 rule 6/0(match): block in on ne4: 80.131.223.242.4662 > 81.16.104.6.51925: F 295605101:295605101(0) ack 1112536299 win 32489 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:44.622587 rule 6/0(match): block in on ne4: 81.57.199.37.4662 > 81.16.104.6.64554: F 2761346157:2761346157(0) ack 1114519728 win 65257 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:49.093841 rule 6/0(match): block in on ne4: 81.202.172.59.4662 > 81.16.104.6.56365: R 0:0(0) ack 1141868031 win 0
Feb 16 18:15:01 firewall pf: Feb 16 18:08:54.008101 rule 6/0(match): block in on ne4: 217.82.180.119.4662 > 81.16.104.6.64569: F 3624332874:3624332874(0) ack 1112451968 win 65257
//richard
ich bekomme zur zeit viele anfrage an diverse ports von unterschiedlichen hosts aber der quellport ist immer 4662/4661.
ist das edonkey?
Feb 16 18:15:01 firewall pf: Feb 16 18:06:48.674678 rule 6/0(match): block in on ne4: 80.141.102.166.4662 > 81.16.104.6.53148: F 57238070:57238070(0) ack 1063892219 win 32419 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:02.722819 rule 6/0(match): block in on ne4: 217.234.238.77.4662 > 81.16.104.6.64363: F 1832795851:1832795851(0) ack 1071441188 win 64030 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:25.938547 rule 6/0(match): block in on ne4: 217.187.71.125.4662 > 81.16.104.6.51014: F 1024603454:1024603454(0) ack 1086571138 win 32008 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:35.413506 rule 6/0(match): block in on ne4: 80.223.57.242.4662 > 81.16.104.6.54363: F 916299030:916299030(0) ack 1089276483 win 64036 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:37.649469 rule 6/0(match): block in on ne4: 213.99.180.187.4662 > 81.16.104.6.56962: S 1141791418:1141791418(0) ack 1107258566 win 8760 <mss 1460,nop,nop,sackOK> (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:43.382927 rule 6/0(match): block in on ne4: 217.227.32.55.4661 > 81.16.104.6.52440: F 2143046092:2143046092(0) ack 1081448295 win 63962 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:07:43.766700 rule 6/0(match): block in on ne4: 80.8.218.51.4662 > 81.16.104.6.54022: F 1946970890:1946970890(0) ack 1094363123 win 64522 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:00.218399 rule 6/0(match): block in on ne4: 81.51.6.166.4662 > 81.16.104.6.58420: F 3843388739:3843388739(0) ack 1099754391 win 17338 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:22.576821 rule 6/0(match): block in on ne4: 62.99.207.153.4662 > 81.16.104.6.59583: F 4218438183:4218438183(0) ack 1107424486 win 65257 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:37.647726 rule 6/0(match): block in on ne4: 66.168.251.235.4662 > 81.16.104.6.54480: F 132170350:132170350(0) ack 1111996720 win 32557 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:38.610741 rule 6/0(match): block in on ne4: 80.131.223.242.4662 > 81.16.104.6.51925: F 295605101:295605101(0) ack 1112536299 win 32489 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:44.622587 rule 6/0(match): block in on ne4: 81.57.199.37.4662 > 81.16.104.6.64554: F 2761346157:2761346157(0) ack 1114519728 win 65257 (DF)
Feb 16 18:15:01 firewall pf: Feb 16 18:08:49.093841 rule 6/0(match): block in on ne4: 81.202.172.59.4662 > 81.16.104.6.56365: R 0:0(0) ack 1141868031 win 0
Feb 16 18:15:01 firewall pf: Feb 16 18:08:54.008101 rule 6/0(match): block in on ne4: 217.82.180.119.4662 > 81.16.104.6.64569: F 3624332874:3624332874(0) ack 1112451968 win 65257
//richard