The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Strange messages in /var/log/messages

Discussion in 'General Discussion' started by kcdworks, Aug 16, 2003.

  1. kcdworks

    kcdworks Well-Known Member

    Joined:
    Jul 28, 2002
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    We are having a really strange message in our /var/log/messages file.

    Aug 16 10:08:57 server3 kernel: **UDP DROP** IN=eth0 OUT= MAC=00:50:22:9a:d6:37:00:e0:52:08:b8:bd:08:00 SRC=81.101.161.91 DST=64.246.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=7 ID=60403 PROTO=UDP SPT=60341 DPT=33496 LEN=20

    The bold IP address is always there. It belongs to RIPE, according to an ARIN whois. I've added it to hosts.deny, but that message contiues to appear at the rate of 1 per second.

    Any ideas?

    cPanel.net Support Ticket Number:
     
  2. mmkassem

    mmkassem Well-Known Member

    Joined:
    Oct 21, 2002
    Messages:
    390
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Egypt
    It is owned by:
    netname: NTL
    descr: NTL Infrastructure - Luton
    country: GB

    If ARIN tells you it is owned by RIPE you have to check RIPE to know whois the block is assigned to.

    PROTO=UDP DPT=33496
    It's a high port, UDP and within the range used to traceroute (using UDP not ICMP)

    You should not worry.
     
  3. kcdworks

    kcdworks Well-Known Member

    Joined:
    Jul 28, 2002
    Messages:
    186
    Likes Received:
    0
    Trophy Points:
    16
    I forgot to come back to this thread, but it stopped about three minutes after I posted that.

    Thanks for the reply.

    cPanel.net Support Ticket Number:
     
Loading...

Share This Page