Hi everybody, I am having some problems with my ISP telling me that my
server was doing port scan to one of their client.
I have a policy in my shorewall
$FW net REJECT info
and in my log I dont have nothing with REJECT, just my tests to see if the
log works.
This is one line that they send me
Date Time Action Port Source Destination Protocol
28Sep2012 14:05:27 Drop 48875my server ip firewal
(200.40.client ip)tcp
now I am loggin everything with tcpdump with a grep with the client ip to a
file but I dont know how is this possible if I dont have those ports open.
Thanks
------------------------------------------------------------------------------
Don''t let slow site performance ruin your business. Deploy New Relic
APM
Deploy New Relic app performance management and know exactly
what is happening inside your Ruby, Python, PHP, Java, and .NET app
Try New Relic at no cost today and get our sweet Data Nerd shirt too!
http://p.sf.net/sfu/newrelic-dev2dev