Results 1 to 4 of 4
  1. #1
    Join Date
    Dec 2002
    Location
    USA
    Posts
    339

    Help Exlpain this Logwatch Entry

    I have not come across this entry in my daily Logwatch report.

    #########Logwatch 7.3.1 (09/15/06)#########

    --------------------- Kernel Begin ------------------------


    1 Time(s): Advised path = My Server IP -> 0.0.0.0, tos 00
    1 Time(s): Redirect from 81.207.253.128 on eth0 about 195.190.249.32 ignored.

    ---------------------- Kernel End -------------------------


    I looked up the IP's and they exist in RIPE land.

    SSH logins were normal and no sign of intrusion.

    What does that entry refer to?

  2. #2
    Join Date
    Dec 2002
    Location
    USA
    Posts
    339
    Forgot to add this box is running:

    Linux OS: Centos 4.4 with Cpanel/WHM
    Kernel Version: 2.6.9-42.0.2.ELsmp

  3. #3
    Join Date
    Dec 2002
    Location
    USA
    Posts
    339
    Bumpity bump bump

    Really do need help with this question.

  4. #4
    Join Date
    May 2003
    Location
    Florida
    Posts
    902
    Quote Originally Posted by Frontpage1
    Bumpity bump bump

    Really do need help with this question.
    I am not familar with your problem, but Google revealed:

    Your host is receiving ICMP redirect packets from the specified Ip address.
    An ICMP redirect is an error message sent by a router to the sender of an IP packet . Redirects are used when a router believes a packet is being routed sub optimally and it would like to inform the sending host that it should forward subsequent packets to that same destination through a different gateway.

    If you are receiving ICMP redirects from a host that's not your gateway, then something is definately wrong.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •