Hi, Our DNS and mail server is using the built-in ipfw running on MacOS X Server 10.3.5. We are filtering out a lot of UDP packets coming from computers in Russia. Should I worry about our computers being hacked? Any insight is greatly appreciated.
The ipfw log follows:
Oct 22 11:51:43 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.217 207.95.154.3 in via en0 (frag 5045:25@512)
Oct 22 11:52:09 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.4 207.95.154.3 in via en0 (frag 20770:25@512)
Oct 22 11:52:11 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.41 207.95.154.3 in via en0 (frag 42994:25@512)
Oct 22 11:52:20 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.58 207.95.154.3 in via en0 (frag 37098:25@512)
Oct 22 11:52:23 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.46 207.95.154.3 in via en0 (frag 12019:25@512)
Oct 22 11:52:24 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.48 207.95.154.3 in via en0 (frag 13945:25@512)
Oct 22 11:52:58 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.47 207.95.154.3 in via en0 (frag 802:25@512)
Oct 22 11:53:34 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.76 207.95.154.3 in via en0 (frag 21637:25@512)
Oct 22 11:54:44 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.47 207.95.154.3 in via en0 (frag 29790:25@512)
Oct 22 11:55:26 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.49 207.95.154.3 in via en0 (frag 47996:25@512)
Oct 22 11:55:32 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.41 207.95.154.3 in via en0 (frag 5902:25@512)
Oct 22 11:55:38 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.7 207.95.154.3 in via en0 (frag 7222:25@512)
Oct 22 11:56:35 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.45 207.95.154.3 in via en0 (frag 40302:25@512)
Oct 22 11:57:02 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.42 207.95.154.3 in via en0 (frag 9637:25@512)
Oct 22 11:57:07 saturn kernel: ipfw: 1020 Deny UDP 83.102.166.131 207.95.154.3 in via en0 (frag 7887:25@512)