kernel intrusion detected alert

dopple

Gawd
Joined
Oct 5, 2011
Messages
685
My router is giving out the following alert in system log. whats this about?


kernel: Intrusion -> IN=ppp0.1 OUT= MAC= SRC=222.xxx.21.218 DST=59.xxx.100.xx LEN=40 TOS=0x00 PREC=0x00 TTL=108 ID=256 PROTO=TCP SPT=77 DPT=9064 WINDOW=16384 RES=0x00 SYN URGP=0 MARK=0x8000000
 

DragonNOA1

Supreme [H]ardness
Joined
Aug 15, 2004
Messages
4,301
SRC=222.xxx.21.218 DST=59.xxx.100.xx ... PROTO=TCP SPT=77 DPT=9064

D-link router? Looks to be someone scanning your router. Notice the source and destination IP's and ports.
 

djflow195

Weaksauce
Joined
Sep 6, 2011
Messages
102
Unplug from the internet?

If you are connected to a world wide network, you are going to get scans. The important thing is to make sure the firewall is up and that you have no internet-facing open ports.

Run an internet firewall test (Shields Up) and if you pass, you should be ok.
 

dopple

Gawd
Joined
Oct 5, 2011
Messages
685
Unplug from the internet?

If you are connected to a world wide network, you are going to get scans. The important thing is to make sure the firewall is up and that you have no internet-facing open ports.

Run an internet firewall test (Shields Up) and if you pass, you should be ok.

its passing. thanks for the link. its a new router, hadn't seen these entries in my previous router..
 
Top