Linode Forum

[denvercyber]

I am getting a lot of output to syslog from iptables like:

Nov 24 20:35:07 coyote kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:45:a4:c3:0f:00:d0:d3:9f:81:36:08:00 SRC=93.55.226.138 DST=69.164.195.151 LEN=78 TOS=0x00 PREC=0x00 TTL=110 ID=3400 PROTO=UDP SPT=1031 DPT=137 LEN=58
Nov 24 20:42:43 coyote kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:45:a4:c3:0f:00:d0:d3:9f:81:36:08:00 SRC=205.209.142.27 DST=69.164.195.15 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=11047 PROTO=TCP SPT=2912 DPT=2892 WINDOW=4096 RES=0x00 SYN URGP=0
Nov 24 20:42:43 coyote kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:45:a4:c3:0f:00:d0:d3:9f:81:36:08:00 SRC=205.209.142.27 DST=69.164.195.151 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=11183 PROTO=TCP SPT=2898 DPT=2892 WINDOW=4096 RES=0x00 SYN URGP=0
Nov 24 20:46:39 coyote kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:45:a4:c3:0f:00:d0:d3:9f:81:36:08:00 SRC=218.6.15.138 DST=69.164.195.15 LEN=40 TOS=0x00 PREC=0x00 TTL=103 ID=256 PROTO=TCP SPT=6000 DPT=2967 WINDOW=16384 RES=0x00 SYN URGP=0
Nov 24 20:46:39 coyote kernel: iptables denied: IN=eth0 OUT= MAC=fe:fd:45:a4:c3:0f:00:d0:d3:9f:81:36:08:00 SRC=218.6.15.138 DST=69.164.195.151 LEN=40 TOS=0x00 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=2967 WINDOW=16384 RES=0x00 SYN URGP=0

Is this normal and is there anything else I should be doing to harden my system?

[anderiv]

Nah - the "denied" tag indicates that iptables is just doing its thing - dropping packets that don't matching any of the "allow" rules you set up.