unknown tcp connections to dawsonmail.com

Lorin Lund llund at kleenmail.net
Thu Apr 1 04:43:10 PST 2004

Qwest is my phone company.  When I signed up for DSL I opted for
and external DSL connection.  They supplied an ActionTec router/hub/modem.
It has an HTML interface for configuration and it has a limited amount 
of traffic logging.  The log shows the external domain and the internal
IP address.  There are several Windoze boxes and my FreeBSD box.  The 
ActionTec does NAT.  Anything that comes in that isn't a response to an
outgoing packet would normally be dropped.  But I have enabled an 
option to have all other traffic go to my FreeBSD box.  I don't know if
the log shows only outgoing traffic or if it includes unsolicited incoming
stuff.  If so the dawsonmail.com could be them probing me. 

But if they have managed somehow to get stuff into my FreeBSD system I want to 
find out how and to cut it off.

3/30/2004 8:35:26 PM, Chuck McManis <cmcmanis at mcmanis.com> wrote:

>Its a bit confusing because you mention the DSL router and "my server" as 
>if they are two different machines. If they are, then are they the ONLY two 
>different machines behind the DSL router? Is it possible you have a Windoze 
>PC on your subnet somewhere? Seems that dawsonmail.com is a hostile web 
>site (it attempts to install adware) perhaps you have something connected 
>to it somewhere?
>At 06:44 PM 3/30/2004, Lorin Lund wrote:
>>I have freebsd 5.2 release running on my server.
>>I have apache2 and MySQL installed and running.  No other
>>daemons to speak of.  Yet my DSL router shows connections
>>to dawsonmail.com.
>>Does anyone have any knowledge or ideas of what might be
>>going on?  The DSL router does not show port info.
>>Just the outside domain name and the inside IP address.
>>freebsd-questions at freebsd.org mailing list
>>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list