Hi! I use "firestarter" to configure my firewall. I am not expert in linux-networking, so my question might be a bit "low-leveled". If I take a look at my hitlist, there are some portscans and stuff, but I dont understand this entry: Time: Aug 10 15:14:00 Source: 192.168.0.2 Destination: 200.55.90.253 In IF: Out IF: eth0 Port: 1234 Length: 44 ToS: 0x00 Protocol: tcp Service: subseven Isn't subseven an trojan-tool? And the most disturbing thing is, that the source (i.e. "192.168.0.2") is my local ip-address in our home-network. How is this possible and is my machine really sending portscans or what else does this hit tell me? Greetings, -- Thomas B. ICQ UIN#: 28869987 Here there be tygers.
Attachment:
signature.asc
Description: This is a digitally signed message part
