From: John S. A. <js...@no...> - 2003-01-27 23:12:58
|
On 27 Jan 2003 at 16:24, Cowles, Steve wrote: > > It looks like a port scan, but I can't believe my own ISP would be > > scanning me from his DNS server. (Unless the source IP was forged). > > > > Checkout the shorewall FAQ. Item 6c might be of interest. > > Steve Cowles Both Steve and Mike Noyes pointed to the same problem and when I put the suggested common rule in (as shown in the faq) i have not seen another one of these late DNS packets show up since. Thanks guys... That common def had never made it into my version because I've done several upgrades over time and the quickstart that i started with was pretty old. ______________________________________ John Andersen NORCOM / Juneau, Alaska http://www.screenio.com/ (907) 790-3386_______________________________________ John S. Andersen NORCOM mailto:JAn...@no... Juneau, Alaska http://www.screenio.com/ |