I am used to seeing the 100's of dropped packets in each logwatch email, but this one is very different and excessive in my opinion. What do you make of it? Someone trying to inject? Should I ban the IP?
From 66.xxx.xxx.xxx - 4087 packets
To 69.xx.xxx.xx - 4087 packets
Service: 0 (tcp/0) (** IN_TCP DROP **,eth1,none) - 3 packets
Service: mysql (tcp/3306) (** IN_TCP DROP **,eth1,none) - 4071 packets
Service: mysql (tcp/3306) (ll header: <4>** IN_TCP DROP **,eth1,none) - 4 packets
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30:48:29:98:f2:08:06<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30:48:29:c8:<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff<4>** IN_TCP DROP **,eth1,none) - 4 packets
From 66.xxx.xxx.xxx - 4087 packets
To 69.xx.xxx.xx - 4087 packets
Service: 0 (tcp/0) (** IN_TCP DROP **,eth1,none) - 3 packets
Service: mysql (tcp/3306) (** IN_TCP DROP **,eth1,none) - 4071 packets
Service: mysql (tcp/3306) (ll header: <4>** IN_TCP DROP **,eth1,none) - 4 packets
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30:48:29:98:f2:08:06<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30:48:29:c8:<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff:ff:00:30<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff:ff:ff:ff:ff<4>** IN_TCP DROP **,eth1,none) - 1 packet
Service: mysql (tcp/3306) (ll header: ff<4>** IN_TCP DROP **,eth1,none) - 4 packets
