Yes, thanks for the reply. I know what the port is. What I don't understand, like
so much of this security stuff, is why another machine outside my network would want
to send udp packets to this port on several of my machines, one machine at a time,
every couple hours or so.
I would imagine that if the daemon is not running, no harm done. But, WHY, what
normal reason would someone outside my network would have to test to see if it is
running?
Thanks.
-ron
> snmp 161/tcp SNMP
> snmp 161/udp SNMP
> SNMP == Simple Network Managment Protocal.
> It's a service used for remote adminstration of hosts.
> Not a big concern if you don't have snmp running.
> If you do, block it or consider killing your snmp service.
> > What is the potential danger here? These have been occuring all day,
> > from the same IP to a variety to hosts on my network. Thanks for any
> > info.
> > Apr 11 16:13:27 shelia kernel: Packet log: input DENY eth0 PROTO=17
> > 206.77.145.97:2200 x.x.x.x:161 L=265 S=0x00 I=44728 F=0x0000
> > T=102 (#1)
> > Apr 11 16:59:07 shelia kernel: Packet log: input DENY eth0 PROTO=17
> > 206.77.145.97:2200 x.x.x.x:161 L=265 S=0x00 I=10087 F=0x0000
> > T=102 (#1)
> > --
> > Ron Parker
> > Software Creations http://www.scbbs.com
> > TradeWinds Publishing http://www.intl-trade.com
> > TradePoint Los Angeles http://www.tradepointla.org
> > SiteDirector Security Server http://livepublish.scbbs.com
> > Civil War Online Library http://civilwar.scbbs.com
--
Ron Parker
Software Creations http://www.scbbs.com
TradeWinds Publishing http://www.intl-trade.com
TradePoint Los Angeles http://www.tradepointla.org
SiteDirector Security Server http://livepublish.scbbs.com
Civil War Online Library http://civilwar.scbbs.com
by