tarballed
October 16th, 2003, 16:22
Look at this entry in my firewall log. This has been going on for a better part of a day now: it's beginning to annoy me.

[code:1:c2aaa7a456]10/16/03 12:30 firewalld[107]: deny in eth0 92 icmp 20 118 209.128.117.100 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:30 firewalld[107]: deny in eth0 92 icmp 20 118 209.128.117.100 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:30 firewalld[107]: deny in eth0 92 icmp 20 118 209.128.117.100 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:30 firewalld[107]: deny in eth0 92 icmp 20 118 209.128.117.100 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:30 firewalld[107]: deny in eth0 73 udp 20 53 208.185.54.14 xxx.xxx.xxx.xxx 26163 53 (default)
10/16/03 12:30 firewalld[107]: deny in eth0 73 udp 20 53 208.185.54.14 xxx.xxx.xxx.xxx 26163 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 60 tcp 20 61 216.98.128.68 xxx.xxx.xxx.xxx 46694 113 syn (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 52 63.166.13.66 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 53 208.185.219.166 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 51 205.158.108.194 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 54 63.219.179.130 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 53 64.14.117.10 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 49 64.0.96.12 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 54 205.252.48.130 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 47 202.222.25.4 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 52 63.166.13.66 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 53 208.185.219.166 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 54 63.219.179.130 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 53 64.14.117.10 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 51 205.158.108.194 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 49 64.0.96.12 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 54 205.252.48.130 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 47 202.222.25.4 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 16236 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 52 63.166.13.66 xxx.xxx.xxx.xxx 56243 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 53 208.185.219.166 xxx.xxx.xxx.xxx 50750 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 54 63.219.179.130 xxx.xxx.xxx.xxx 53643 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 53 64.14.117.10 xxx.xxx.xxx.xxx 35019 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 54 205.252.48.130 xxx.xxx.xxx.xxx 32515 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 49 64.0.96.12 xxx.xxx.xxx.xxx 18293 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 202.222.25.4 xxx.xxx.xxx.xxx 49496 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 51 205.158.108.194 xxx.xxx.xxx.xxx 64940 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 36750 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 36750 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 16236 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 52 63.166.13.66 xxx.xxx.xxx.xxx 56243 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 53 208.185.219.166 xxx.xxx.xxx.xxx 50750 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 54 63.219.179.130 xxx.xxx.xxx.xxx 53643 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 53 64.14.117.10 xxx.xxx.xxx.xxx 35019 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 54 205.252.48.130 xxx.xxx.xxx.xxx 32515 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 49 64.0.96.12 xxx.xxx.xxx.xxx 18293 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 202.222.25.4 xxx.xxx.xxx.xxx 49496 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 36750 53 (default)[/code:1:c2aaa7a456]

It appears that I'm getting pinged a lot and then a lot of attempts to go to port 53. After some research, I found this is an actual 'bug' with the firewall, a Watchguard.

Anyway, anyone see anything that looks funky? I'm wondering if all this traffic could be something to do with all the freaking viruses running around on the net.

Tarballed
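An added example, not part of the original thread: a small parser for log lines in the format posted above, grouping denied packets by source and listing the sources that sent both an ICMP echo request and a UDP packet to port 53. The field meanings (packet length, IP header length, TTL, then source/destination port or ICMP type/code) are an assumption inferred from the values; the sample is a subset of the posted lines plus one constructed truncated line.

```python
import re
from collections import defaultdict

# Subset of the lines from the post; the last line is constructed (truncated)
# to show how unparseable input is counted rather than silently dropped.
SAMPLE = """\
10/16/03 12:30 firewalld[107]: deny in eth0 92 icmp 20 118 209.128.117.100 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 60 tcp 20 61 216.98.128.68 xxx.xxx.xxx.xxx 46694 113 syn (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 16236 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 51 64.41.192.103 xxx.xxx.xxx.xxx 16236 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 84 icmp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 8 0 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47 221.111.1.4 xxx.xxx.xxx.xxx 36750 53 (default)
10/16/03 12:31 firewalld[107]: deny in eth0 73 udp 20 47
"""

# Assumed field order: action, direction, interface, packet length, protocol,
# IP header length, TTL, source, destination, then sport/dport (tcp, udp) or
# type/code (icmp), optional TCP flags, and the matching rule in parentheses.
LINE = re.compile(
    r"^(?P<ts>\S+ \S+) firewalld\[\d+\]: (?P<action>\w+) (?P<dir>\w+) (?P<iface>\S+) "
    r"(?P<length>\d+) (?P<proto>\w+) (?P<ihl>\d+) (?P<ttl>\d+) "
    r"(?P<src>\S+) (?P<dst>\S+) (?P<a>\d+) (?P<b>\d+)"
    r"(?: (?P<flags>[a-z ]+?))? \((?P<rule>[^)]*)\)$")

def parse(text):
    """Return (events, skipped) where skipped counts lines that did not match."""
    events, skipped = [], 0
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            skipped += 1
            continue
        e = m.groupdict()
        if e["proto"] == "icmp":
            echo = (e["a"], e["b"]) == ("8", "0")
            e["what"] = "icmp echo-request" if echo else f"icmp {e['a']}/{e['b']}"
        else:
            e["what"] = f"{e['proto']}/{e['b']}"  # protocol / destination port
        events.append(e)
    return events, skipped

def by_source(events):
    """Count each kind of denied packet per source address."""
    table = defaultdict(lambda: defaultdict(int))
    for e in events:
        table[e["src"]][e["what"]] += 1
    return {src: dict(counts) for src, counts in table.items()}

def ping_and_dns(events):
    """Sources that sent both an ICMP echo request and a UDP packet to port 53."""
    return sorted(s for s, c in by_source(events).items()
                  if "icmp echo-request" in c and "udp/53" in c)
```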

ealwen
October 16th, 2003, 18:17
Viruses that infect across shares that get on computers linked via broadband are nasty. You got a ton of people with wide open "invisible" shares on their Windows boxes that become virus hosts infecting more and more shares.

It was one of the reasons I decided to start using BSD as my main OS.

tarballed
October 17th, 2003, 12:36
Just a quick question on ports and such.

Recently, I've seen a lot of attempts to get through port 27374, which if I remember correctly, is SubSeven, right?

Ok...but one I'm not familiar with is: attempts to get through port 12345

Anyone have any idea on what that could be?

Thanks.

Tarballed

p-chan
October 18th, 2003, 22:33
12345 is the common port for NetBus.

andy