can you help me analyze the /var/log/messages ?

meeti

Well-Known Member
Dec 25, 2007
119
0
66
Hi,


some time point, my server's bandwidth is high and was unreachable at all,

and i check from /var/log/messages later,


i find several time point,when the bandwidth is high,and my server unreachable,

it has the records like this


Jan 11 12:55:55 cp kernel: IPtables: ill. source IN=eth0 OUT= MAC=*:*:*:*:*:*:*:*:*:*:*:*:*:* SRC=*.*.*
* DST=*.*.*.* LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=9857 DF PROTO=TCP SPT=4762 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=
0
Jan 11 12:55:55 cp kernel: IPtables: ill. source IN=eth0 OUT= MAC=*:*:*:*:*:*:*:*:*:*:*:*:*:* SRC=*.*.*
* DST=*.*.*.* LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=9859 DF PROTO=TCP SPT=4764 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=

can anyone tell me if my server was attacked? and how can i secure my server?




thanks