Results 1 to 4 of 4
Thread: Help Exlpain this Logwatch Entry
-
12-05-2006, 10:11 AM #1Web Hosting Guru
- Join Date
- Dec 2002
- Location
- USA
- Posts
- 339
Help Exlpain this Logwatch Entry
I have not come across this entry in my daily Logwatch report.
#########Logwatch 7.3.1 (09/15/06)#########
--------------------- Kernel Begin ------------------------
1 Time(s): Advised path = My Server IP -> 0.0.0.0, tos 00
1 Time(s): Redirect from 81.207.253.128 on eth0 about 195.190.249.32 ignored.
---------------------- Kernel End -------------------------
I looked up the IP's and they exist in RIPE land.
SSH logins were normal and no sign of intrusion.
What does that entry refer to?
-
12-05-2006, 03:57 PM #2Web Hosting Guru
- Join Date
- Dec 2002
- Location
- USA
- Posts
- 339
Forgot to add this box is running:
Linux OS: Centos 4.4 with Cpanel/WHM
Kernel Version: 2.6.9-42.0.2.ELsmp
-
12-07-2006, 09:48 PM #3Web Hosting Guru
- Join Date
- Dec 2002
- Location
- USA
- Posts
- 339
Bumpity bump bump
Really do need help with this question.
-
12-07-2006, 11:58 PM #4Web Hosting Master
- Join Date
- May 2003
- Location
- Florida
- Posts
- 902
Originally Posted by Frontpage1
Your host is receiving ICMP redirect packets from the specified Ip address.
An ICMP redirect is an error message sent by a router to the sender of an IP packet . Redirects are used when a router believes a packet is being routed sub optimally and it would like to inform the sending host that it should forward subsequent packets to that same destination through a different gateway.
If you are receiving ICMP redirects from a host that's not your gateway, then something is definately wrong.