I just set up some IP tables configuration to log all incoming messages, but I am unsure as to what these messages mean - they seem to just be idle "pinging", but i'm not sure how you would tell. The command I used was "sudo /sbin/iptables -A INPUT -j LOG" and the types of messages I got were:
Nov 28 14:51:12 nsb_rhgate kernel: IN=lo OUT= MAC=00:00:00:00:00:00:00:00:00:00:00:00:08:08 SRC=192.168.10.120 DST=192.168.10.120 LEN=70 TOS=0x00 PREC=0x00 TTL=64 ID=42658 DF PROTO=UDP SPT=32773 LEN=105
Nov 28 14:53:38 nsb_rhgate kernel: IN=eth1 OUT= MAC=00:0c:29:d30c:da:00:0c:29:99:78:a8:08:08 SRC=192.168.10.110 DST=192.168.10.120 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=22796 DF PROTO=TCP SPT=2049 DPT=1019 WINDOW=2896 RES=0x00 ACK FIN URGP=0
Any idea what those mean? Why is one using UDP and the other TCP?