Sep 26 14:16:37 iplog started.
Sep 26 14:16:46 UDP: dgram to ntec23:ntp from hp735f.csc.cuhk.edu.hk (137.189.6.26):123 (48 data bytes)
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):985 (32 data bytes)
Sep 26 14:16:46 last message repeated 1 times
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):111 (28 data bytes)
Sep 26 14:16:46 last message repeated 1 times
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):985 (32 data bytes)
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):111 (28 data bytes)
Sep 26 14:16:46 last message repeated 1 times
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):985 (32 data bytes)
Sep 26 14:16:46 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):111 (28 data bytes)
Sep 26 14:16:47 last message repeated 1 times
Sep 26 14:16:47 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):985 (32 data bytes)
Sep 26 14:16:47 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):111 (28 data bytes)
Sep 26 14:16:47 last message repeated 1 times
Sep 26 14:16:47 UDP: dgram to ntec23:port 1035 from castle (192.168.64.230):985 (32 data bytes)
Sep 26 14:16:47 UDP: scan/flood detected to ntec23 [port 1035] from castle (192.168.64.230) [ports 985,111]
Sep 26 14:16:50 UDP: dgram to ntec23:domain from ntec93:1026 (36 data bytes)
Sep 26 14:16:50 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:17:02 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:17:03 TCP: port 250 connection attempt to ntec23 from ntec24:4053
Sep 26 14:17:03 TCP: port 1351 connection attempt to ntec23 from ntec24:4054
Sep 26 14:17:03 TCP: port 692 connection attempt to ntec23 from ntec24:4055
Sep 26 14:17:03 TCP: port 156 connection attempt to ntec23 from ntec24:4056
Sep 26 14:17:03 TCP: port 78 connection attempt to ntec23 from ntec24:4057
Sep 26 14:17:03 TCP: port 552 connection attempt to ntec23 from ntec24:4058
Sep 26 14:17:03 TCP: port 379 connection attempt to ntec23 from ntec24:4059
Sep 26 14:17:03 TCP: port 64 connection attempt to ntec23 from ntec24:4060
Sep 26 14:17:04 TCP: port 1547 connection attempt to ntec23 from ntec24:4061
Sep 26 14:17:04 TCP: port 902 connection attempt to ntec23 from ntec24:4062
Sep 26 14:17:04 TCP: port 322 connection attempt to ntec23 from ntec24:4063
Sep 26 14:17:04 TCP: port 3 connection attempt to ntec23 from ntec24:4064
Sep 26 14:17:04 TCP: port 214 connection attempt to ntec23 from ntec24:4065
Sep 26 14:17:04 TCP: port 1374 connection attempt to ntec23 from ntec24:4066
Sep 26 14:17:04 TCP: port scan detected to ntec23 [ports 250,1351,692,156,78,552,379,64,1547,902,...] from ntec24 [ports 4053,4054,4055,4056,4057,...]
Sep 26 14:17:09 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:17:21 last message repeated 1 times
Sep 26 14:17:21 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:17:50 last message repeated 4 times
Sep 26 14:17:50 TCP: FIN scan detected to ntec23 [ports 3389,8080,2015,722,1996,410,620,961,1528,1444,...] from ntec24 [port 41070]
Sep 26 14:18:11 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:18:34 last message repeated 1 times
Sep 26 14:18:34 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:18:50 TCP: FIN scan mode to ntec23 expired for ntec24 - received a total of 1607 packets (32140 bytes).
Sep 26 14:18:51 TCP: ssh connection attempt to ntec23 from ntec4.ie.cuhk.edu.hk (137.189.99.83):1019
Sep 26 14:18:51 UDP: dgram to ntec23:domain from ntec93:1026 (33 data bytes)
Sep 26 14:18:51 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:19:17 TCP: port scan mode to ntec23 expired for ntec24 - received a total of 10260 packets (347920 bytes).
Sep 26 14:19:18 UDP: dgram to ntec23:domain from ntec93:1026 (40 data bytes)
Sep 26 14:19:18 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:19:34 ICMP: echo from athena (192.168.64.232) to ntec23 (108 bytes)
Sep 26 14:19:43 last message repeated 4 times
Sep 26 14:19:43 UDP: dgram to ntec23:domain from ntec93:1026 (36 data bytes)
Sep 26 14:19:43 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:19:45 ICMP: echo from athena (192.168.64.232) to ntec23 (108 bytes)
Sep 26 14:20:03 last message repeated 4 times
Sep 26 14:20:03 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:20:03 TCP: port 467 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 1478 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 736 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 17007 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 1600 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 423 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: hmmp-ind connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 643 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 807 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:04 TCP: port 172 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:05 TCP: port 767 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:05 TCP: port 5300 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:05 TCP: systat connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:05 TCP: port 27 connection attempt to ntec23 from ntec24:39673
Sep 26 14:20:05 TCP: port scan detected to ntec23 [ports 467,1478,736,17007,1600,423,612,643,807,172,...] from ntec24 [port 39673]
Sep 26 14:20:29 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:20:32 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:21:02 last message repeated 3 times
Sep 26 14:21:02 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:21:05 ICMP: echo from ntec24 to ntec23 (8 bytes)
Sep 26 14:21:59 TCP: port scan mode to ntec23 expired for ntec24 - received a total of 8575 packets (281300 bytes).
Sep 26 14:22:09 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:22:10 UDP: dgram to ntec23:domain from ntec93:1026 (40 data bytes)
Sep 26 14:22:10 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:22:11 UDP: dgram to ntec23:domain from ntec93:1026 (33 data bytes)
Sep 26 14:22:11 ICMP: (ntec93) redirect router.arm.hkntec.net (192.168.64.254) to host ntec93
Sep 26 14:22:50 Couldn't unlink "/var/run/iplog.pid": Permission denied
Sep 26 14:22:50 Caught signal 15, exiting.