hello,
Monitoring logs recently i noticed this entry:
Sep 18 18:19:57 DCRT kernel: [LOCAL-WAN-30-D]IN= OUT=eth0
src=xx.xx.xx.xx DST=184.105.139.123 LEN=576 TOS=0x00 PREC=0xC0 TTL=64 ID=46648
PROTO=ICMP TYPE=11 CODE=1 [src=184.105.139.123 DST=xx.xx.xx.xx LEN=1500 TOS=0x00
PREC=0x00 TTL=57 ID=966 MF PROTO=UDP SPT=57513 DPT=500 LEN=2536
I'm trying to understand what it's telling me. It appears that my erpoe was telling 184.105.139.123 (huricane electric) that time was exceeded on a communication that was being attempted to my port 500? Have i understood that correctly and do i need to be worried about something nefarious going on?
Also note, that i do not have any vpn or tunneling going on.
Thanks.