Thanks again,
I just rebooted after turning my modem off then back on and am still getting messages:
Sep 24 02:51:28 darkstar kernel: Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:08:a1:24:a9:17:00:05:74:f7:80:70:08:00 SRC=24.218.53.32 DST=81.99.25.85 LEN=48 TOS=0x00 PREC=0x00 TTL=104 ID=58116 DF PROTO=TCP SPT=13350 DPT=8436 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 24 02:51:28 darkstar kernel: usb-uhci.c: $Revision: 1.275 $ time 00:02:40 Sep 5 2003
Sep 24 02:51:28 darkstar kernel: usb-uhci.c: High bandwidth mode enabled
Sep 24 02:51:28 darkstar kernel: usb-uhci.c: v1.275:USB Universal Host Controller Interface driver
Sep 24 02:51:33 darkstar apmd[1423]: Version 3.0.2 (APM BIOS 1.2, Linux driver 1.16)
Sep 24 02:51:33 darkstar apmd[1423]: Charge: * * * (-1% unknown)
Sep 24 02:51:34 darkstar /usr/sbin/gpm[1429]: imps2: Auto-detected intellimouse PS/2
Sep 24 02:51:35 darkstar kernel: 0: nvidia: loading NVIDIA Linux x86 nvidia.o Kernel Module 1.0-4496 Wed Jul 16 19:03:09 PDT 2003
Sep 24 02:51:35 darkstar insmod: Warning: loading /lib/modules/2.4.20/kernel/drivers/video/nvidia.o will taint the kernel: non-GPL license - NVIDIA
Sep 24 02:51:35 darkstar insmod: See
http://www.tux.org/lkml/#export-tainted for information about tainted modules
Sep 24 02:51:35 darkstar insmod: Module nvidia loaded, with warnings
Sep 24 02:51:36 darkstar kernel: Linux agpgart interface v0.99 (c) Jeff Hartmann
Sep 24 02:51:36 darkstar kernel: agpgart: Maximum main memory to use for agp memory: 439M
Sep 24 02:51:36 darkstar kernel: agpgart: Detected Via Apollo Pro KT266 chipset
Sep 24 02:51:36 darkstar kernel: agpgart: AGP aperture is 64M @ 0xf8000000
Sep 24 02:51:36 darkstar kernel: bttv0: PLL: 28636363 => 35468950 ... ok
Sep 24 02:51:36 darkstar modprobe: modprobe: Can't locate module char-major-81-1
Sep 24 02:51:39 darkstar gdm[1444]: run_pictures: /home/tuttle/.gnome2 is writable by group.
Sep 24 02:51:51 darkstar gdm[1444]: gdm_slave_session_start: /home/tuttle/.gnome2 is writable by group.
Sep 24 02:51:51 darkstar gdm[1444]: gdm_auth_user_add: /home/tuttle is writable by group.
Sep 24 02:51:52 darkstar gconfd (tuttle-1494): starting (version 2.2.0), pid 1494 user 'tuttle'
Sep 24 02:51:52 darkstar gconfd (tuttle-1494): Resolved address "xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only config source at position 0
Sep 24 02:51:52 darkstar gconfd (tuttle-1494): Resolved address "xml:readwrite:/home/tuttle/.gconf" to a writable config source at position 1
Sep 24 02:51:52 darkstar gconfd (tuttle-1494): Resolved address "xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only config source at position 2
Sep 24 02:51:56 darkstar kernel: cdrom: This disc doesn't have any tracks I recognize!
Sep 24 02:52:18 darkstar kernel: Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:08:a1:24:a9:17:00:05:74:f7:80:70:08:00 SRC=24.170.169.48 DST=81.99.25.85 LEN=48 TOS=0x00 PREC=0x00 TTL=111 ID=49090 DF PROTO=TCP SPT=53719 DPT=8436 WINDOW=8192 RES=0x00 SYN URGP=0
Sep 24 02:53:20 darkstar kernel: Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:08:a1:24:a9:17:00:05:74:f7:80:70:08:00 SRC=80.3.143.212 DST=81.99.25.85 LEN=48 TOS=0x00 PREC=0x00 TTL=120 ID=21816 DF PROTO=TCP SPT=3490 DPT=8124 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 24 02:54:20 darkstar kernel: Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:08:a1:24:a9:17:00:05:74:f7:80:70:08:00 SRC=12.246.156.186 DST=81.99.25.85 LEN=48 TOS=0x00 PREC=0x00 TTL=106 ID=6758 DF PROTO=TCP SPT=4335 DPT=8124 WINDOW=16384 RES=0x00 SYN URGP=0
Sep 24 02:55:20 darkstar kernel: Connection attempt (UNPRIV): IN=eth0 OUT= MAC=00:08:a1:24:a9:17:00:05:74:f7:80:70:08:00 SRC=24.59.77.84 DST=81.99.25.85 LEN=48 TOS=0x00 PREC=0x00 TTL=110 ID=1190 DF PROTO=TCP SPT=4444 DPT=8124 WINDOW=16384 RES=0x00 SYN URGP=0
Notice how the first message is before the system has fully booted!
Is it just harmless requests from gnutella clients? I wonder....
Thanks for the tip on the use of iptables
I'll try that in the morning, will get back to you.
night night - *shutdown -h now*