|
|||
Is this a security incident?
Hi
I recently did: Code:
#netstat -f inet -an Code:
Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) 192.168.1.67:12349 192.168.1.254:53 ESTABLISHED Any thoughts?. regards |
|
|||
Your local address is 192.168.1.67. It is using port 12349 as source to do a DNS query to IP address 192.168.1.254 (foreign address) on port 53 (the reserved port for DNS queries).
Nothing wrong
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
Thanks for your speedy replies. I just remembered the reason that i thought that it might have been a security incident. On my MacBook, in the firewall logs, it logs such connections as "stealth mode connection attempts". I thought that it might have been a security incident due to these logs. Then i remembered that as far as hosts on my LAN are concerned the DNS server is the router. So yeah thanks for that.
regards |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
NetBSD New security advisories | J65nko | News | 0 | 16th January 2010 12:05 PM |
security apache | Nk2Network | FreeBSD Security | 6 | 19th January 2009 05:12 AM |
Source code of coreutils to create Incident Response Disk | audio | FreeBSD General | 6 | 5th July 2008 11:00 AM |