syslog log of TCP packet

Posted by com on Server Fault See other posts from Server Fault or by com
Published on 2012-11-11T15:36:43Z Indexed on 2012/11/11 17:03 UTC
Read the original article Hit count: 196

Filed under:

networking

|

nagios

|

syslog

Occasionally, I noticed a lot of following messsages in syslog

Nov {datetime} hostname kernel: [8226528.586232] AIF:PRIV TCP packet: IN=eth0 OUT= MAC={mac} SRC={sourceip} DST={destinationip} LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=20361 DF PROTO=TCP SPT=39950 DPT=37 WINDOW=14600 RES=0x00 SYN URGP=0

On the Internet, I found that DOS attack may cause such type of output, unfortunately, I don't understand what does this log mean. The only thing is clear for me is this log is related to network.

The source host is the host where nagios is installed.

Does it mean nagios somehow does behave well?

And what does it mean at all?

© Server Fault or respective owner

Related posts about networking

Networking stopped working on Ubuntu

as seen on Super User - Search for 'Super User'
I installed Ubuntu 10.04 through the Wubi installer (Funny, I installed it today and thought I would have gotten 10.10). I had a network connection and everything was working fine. I rebooted my coumputer a couple of times and then suddenly, I could not connect to the network and when I click the… >>> More
Troubles with start up defenition of networking service in Ubuntu

as seen on Super User - Search for 'Super User'
I use Ubuntu 12.04.1. I put attention that networking script starting in runlevel 0: user@comp:/etc/rc0.d$ chkconfig -l networking networking 0:on 1:off 2:off 3:off 4:off 5:off 6:off When I try to move it working to appropriate run levels I get error: user@comp:/etc/rc0… >>> More
Installing the Elgg Social Networking CMS

as seen on Internet.com - Search for 'Internet.com'
One Open Source CMS that stands out above the rest for small businesses and personal networks is the Elgg open source "social engine," which can be used to create social applications. Scott Clark shows you how to install and get started with this social networking CMS. >>> More
OAuth: Token-Based Authorization for the Social Networking Age

as seen on Internet.com - Search for 'Internet.com'
The OAuth token-based authorization system allows users to grant third-party access to their resources without sharing their usernames and passwords. It's perfect for the age of data scattered across many social networking sites. >>> More
OAuth: Token-Based Authorization for the Social Networking Age

as seen on Internet.com - Search for 'Internet.com'
The OAuth token-based authorization system allows users to grant third-party access to their resources without sharing their usernames and passwords. It's perfect for the age of data scattered across many social networking sites. >>> More

Related posts about nagios

Nagios Creating lots of zombie process

as seen on Server Fault - Search for 'Server Fault'
In my monitoring box, I have lots of zombie process created by nagios and they gets remove quickly also. I am using active checks to perform monitoring of my servers. I accumulated the defunct processes created using the following command: $ top -d 0.25 -b -n 20 > topout.txt This collected the… >>> More
Nagios: NRPE: Unable to read output, Can't find the reason, can you?

as seen on Server Fault - Search for 'Server Fault'
I have a Nagios server and a monitored server. On the monitored server: [root@Monitored ~]# netstat -an |grep :5666 tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN [root@Monitored ~]# locate check_kvm /usr/lib64/nagios/plugins/check_kvm [root@Monitored ~]#… >>> More
nagios NRPE: Unable to read output

as seen on Server Fault - Search for 'Server Fault'
I currently set up a script to restart my http servers + php5 fpm but can't get it to work. I have googled and have found that mostly permissions are the problems of my error but can't figure it out. I start my script using /usr/lib/nagios/plugins/check_nrpe -H bart -c restart_http This is the… >>> More
Nagios returns "No output returned from plugin" running process

as seen on Server Fault - Search for 'Server Fault'
I have a nagios server and a bunch of nagios clients that i currently monitor. All the clients are setup with the following nrpe configuration. check_users, check_load... metrics are successfully displayed on the nagios interface but check_nginx and check_server_proxy displayed as "Unknown"-(No output… >>> More
Error with Apache, Nagios and Snorby integration

as seen on Server Fault - Search for 'Server Fault'
I'm trying to use apache to serve two different websites (Nagios and Snorby). The problem is that when I try to see the "/snorby" website, apache sends me the "It works" page. If I try to access to "/nagios" it works perfectly. Snorby is running under ruby passenger .This are the config files. <VirtualHost… >>> More