7
rated 0 times
[
7]
[
0]
/ answers: 1 / hits: 3637
/ 1 Year ago, sun, december 25, 2022, 11:55:52
I have the following UFW Block entry. How do I get the source MAC? I'm getting a ton from the same MAC=e8:11:32:cb:d9:42:54:04:a6:ba:22:f8:08:00 doing port scanning. If it matters, I'm using 12.04 LTS.
Feb 4 17:46:06 ChromeBox-Server kernel: [663960.096168] [UFW BLOCK] IN=eth0 OUT= MAC=e8:11:32:cb:d9:42:54:04:a6:ba:22:f8:08:00 SRC=123.129.216.39 DST=192.168.1.10 LEN=48 TOS=0x00 PREC=0x20 TTL=115 ID=49547 PROTO=TCP SPT=1535 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0
More From » ufw