> Oct 30 17:32:24 IPTables Dropped: IN=eth0 OUT=> MAC=04:01:2b:bd:b0:01:4c:96:1

1. > Oct 30 17:32:24 IPTables Dropped: IN=eth0 OUT=
2. > MAC=04:01:2b:bd:b0:01:4c:96:14:ff:df:f0:08:00 SRC=62.210.94.116
3. > DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=45212
4. > PROTO=TCP SPT=51266 DPT=5900 WINDOW=1024 RES=0x00 SYN URGP=0
5. >
6. > Oct 30 17:29:57 Debian kernel: [231590.140175] IPTables Dropped:
7. > IN=eth0 OUT= MAC=04:01:2b:bd:b0:01:4c:96:14:ff:ff:f0:08:00
8. > SRC=69.30.240.90 DST=128.199.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=245
9. > ID=12842 DF PROTO=TCP SPT=18534 DPT=8061 WINDOW=512 RES=0x00 SYN
10. > URGP=0
11.  
12. # Drop bogus TCP packets
13. iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
14. iptables -A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j DROP
15.  
16. # --- Common Attacks: Null packets, XMAS Packets and Syn-Flood Attack ---
17. iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
18. iptables -A INPUT -p tcp --tcp-flags ALL ALL -j DROP
19. iptables -A INPUT -p tcp ! --syn -m state --state NEW -j DROP
20.  
21. [Definition]
22. failregex = ^<HOST> -.*IPTables Dropped:.*SYN URGP=0
23. ignoreregex =