Unknown logs in CSF

Jeremy · 12 December 2019 21:18

Hi. I got following logs that I do not know what they mean (through CSF):

a) admin kernel: Firewall: TCP_OUT Blocked IN= OUT=eth0 SRC=11.110.0.20 DST=41.216.186.161 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=22413 DF PROTO=TCP SPT=60868 DPT=44540 WINDOW=28400 RES=0x00 SYN URGP=0 UID=1021 GID=1024

b) admin kernel: Firewall: TCP_OUT Blocked IN= OUT=eth0 SRC=11.110.0.20 DST=41.216.186.161 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=39560 DF PROTO=TCP SPT=60932 DPT=44540 WINDOW=28400 RES=0x00 SYN URGP=0 UID=1021 GID=1024

What could they mean and what should I do about them?strong text

zura1994 · 30 December 2019 06:28

I can advice you one thing.

all IP address which are unknown for you and you don’t know why are they trying to connect to your system. you can make firewall rule to block all this IP addresses. also you can make access list only ips you are connecting to your system