Re: [bitfolk] Hardening your VPS

Author: David Leadbeater
Date:  
To: users
Subject: Re: [bitfolk] Hardening your VPS
Hi Taavi,

On Sun, Jan 22, 2012 at 01:47:58PM +0200, Taavi Ilves wrote:
> Has anyone a simple solution for catching where from and which
> protocol are those connections coming for old IP?


# tcpdump -vpni eth0 'host 212.13.19X.Y'

I've had a quick look and it seems to mostly just be random useless
traffic. You could avoid being warned again by removing the IP
address entirely:

# ip addr del 212.13.19X.Y dev eth0

(then remove from network configuration so it doesn't come back next
time you boot)

Cheers,
Andy

--
http://bitfolk.com/ -- No-nonsense VPS hosting
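
One way to turn such a capture into a per-source, per-protocol tally, as an added example that is not part of the original message. It assumes tcpdump's one-line `-q` output rather than the `-v` used above; the function names are hypothetical and 203.0.113.10 is a constructed stand-in for the elided old address.

```shell
#!/bin/sh
# Added example, not from the original message.
# summarize_old_ip OLD_IP: reads `tcpdump -nq` text on stdin and prints
# "count source proto dport" for packets sent TO OLD_IP, busiest first.
summarize_old_ip() {
    awk -v old="$1" '
    # Split "a.b.c.d" or "a.b.c.d.port" into globals H (host) and P (port).
    function hostport(s,   a, n) {
        n = split(s, a, ".")
        H = a[1] "." a[2] "." a[3] "." a[4]
        P = (n >= 5) ? a[5] : "-"      # ICMP lines carry no port
    }
    $2 == "IP" && $4 == ">" {
        dst = $5; sub(/:$/, "", dst)   # destination ends with a colon
        hostport(dst); dhost = H; dport = P
        if (dhost != old) next         # ignore replies leaving the old IP
        hostport($3)
        proto = tolower($6); sub(/,$/, "", proto)   # "UDP," -> "udp"
        seen[H " " proto " " dport]++
    }
    END { for (k in seen) print seen[k], k }' | LC_ALL=C sort -k1,1nr -k2
}

# Constructed sample capture (documentation addresses, not real traffic).
sample_capture() {
    cat <<'EOF'
12:00:01.000001 IP 198.51.100.7.51234 > 203.0.113.10.22: tcp 0
12:00:02.000001 IP 198.51.100.7.51240 > 203.0.113.10.22: tcp 0
12:00:03.000001 IP 192.0.2.44.40000 > 203.0.113.10.53: UDP, length 30
12:00:04.000001 IP 192.0.2.99 > 203.0.113.10: ICMP echo request, id 1, seq 1, length 64
12:00:05.000001 IP 203.0.113.10.22 > 198.51.100.7.51234: tcp 0
EOF
}

# Live use (assumed invocation): stop after 1000 packets so awk reaches END.
#   tcpdump -c 1000 -pnqi eth0 'dst host OLD_IP' | summarize_old_ip OLD_IP
sample_capture | summarize_old_ip 203.0.113.10
```

A destination port that keeps recurring from many sources points at a service name or stale DNS record still referencing the old address, while scattered one-off ports are usually background scanning.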

