[plug] ip_conntrack suspicious connection

[Al Agawa]

Hi!  It's my first time to post here in PLUG.

I am Al and I'm a new system administrator but I have
a 3 year experience in linux system.  Most of my
experience was using it's desktop capabilities but I
know also about administration.

I am using Redhat 9.0, Kernal is 2.4.20-8 and iptables
is v1.2.7a.

My question, I have these suspicious entries on my
ip_conntrack file:

************************************************
tcp      6 425766 ESTABLISHED src=192.168.0.251
dst=192.168.0.69 sport=43121 dport=80 [UNREPLIED]
src=192.168.0.69 dst=192.168.0.251 sport=80
dport=43121 use=1
tcp      6 425328 ESTABLISHED src=192.168.0.251
dst=192.168.0.97 sport=34857 dport=80 [UNREPLIED]
src=192.168.0.97 dst=192.168.0.251 sport=80
dport=34857 use=1
tcp      6 425766 ESTABLISHED src=192.168.0.251
dst=192.168.0.70 sport=43121 dport=80 [UNREPLIED]
src=192.168.0.70 dst=192.168.0.251 sport=80
dport=43121 use=1
tcp      6 425328 ESTABLISHED src=192.168.0.251
dst=192.168.0.98 sport=34857 dport=80 [UNREPLIED]
src=192.168.0.98 dst=192.168.0.251 sport=80
dport=34857 use=1
tcp      6 425271 ESTABLISHED src=192.168.0.251
dst=192.168.0.71 sport=43121 dport=80 [UNREPLIED]
src=192.168.0.71 dst=192.168.0.251 sport=80
dport=43121 use=1
tcp      6 424833 ESTABLISHED src=192.168.0.251
dst=192.168.0.99 sport=34857 dport=80 [UNREPLIED]
src=192.168.0.99 dst=192.168.0.251 sport=80
dport=34857 use=1
****************************************************

Is my computer hacked? or it is a virus on the
network?

Thanks.

Al


		
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - Helps protect you from nasty viruses. 
http://promotions.yahoo.com/new_mail