LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Strange IP activity in my syslog
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-24-2011, 01:50 PM   #1
RyanRahl
LQ Newbie
 
Registered: May 2011
Location: The Pacific Northwest
Distribution: Debian/Ubuntu
Posts: 7

Rep: Reputation: Disabled
Strange IP activity in my syslog

I found this is my syslog and I don't know what it means. Does anyone here know what this is about. The censored IP is obviously mine and the others are coming from Romania.
Code:
May 24 11:41:25 sleppery kernel: [56376.420012] Redirect from 89.33.12.29 on eth1 about 89.33.12.203 ignored.
May 24 11:41:25 sleppery kernel: [56376.420015]   Advised path = 74.94.*.* -> 89.33.12.203
 
Old 05-24-2011, 02:32 PM   #2
AlucardZero
Senior Member
 
Registered: May 2006
Location: USA
Distribution: Debian
Posts: 4,824

Rep: Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615Reputation: 615
From The Google:

Your host is receiving ICMP redirect packets from the specified Ip address. An ICMP redirect is an error message sent by a router to the sender of an IP packet . Redirects are used when a router believes a packet is being routed sub optimally and it would like to inform the sending host that it should forward subsequent packets to that same destination through a different gateway.

icmp redirect is only honored when it redirects to another host in your subnet. Unless you have a really large subnet, this looks like nonsense. The kernel will ignore it if it redirects you outside of your subnet.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Does strange activity on a system mean it has been hacked? szim90 Linux - Security 3 11-29-2007 11:44 AM
strange lilo activity tgo Linux - Software 2 12-19-2006 10:29 PM
Strange tcpdump activity. NuxIT Linux - Networking 2 05-18-2006 03:35 AM
Strange PPP activity gauge73 Linux - Networking 0 08-18-2004 06:46 PM
Strange network activity !!!!!! OneManArmy Linux - Newbie 3 07-14-2004 10:19 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 09:01 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration