Всем привет.
Есть сервер на Fedora Core 5. Установлен Dovecot.
В messages постоянно пишется:
Jul 20 11:05:01 watchdog[20394]: ISPmanager config was changed
Jul 20 11:07:21 kernel: possible SYN flooding on port 110. Sending cookies.
Jul 20 11:08:00 sendmail[20617]: Password verification failed
Jul 20 11:10:01 watchdog[20838]: ISPmanager config was changed
Jul 20 11:10:21 kernel: possible SYN flooding on port 110. Sending cookies.
Jul 20 11:13:21 kernel: possible SYN flooding on port 110. Sending cookies.
Jul 20 11:15:01 watchdog[21291]: ISPmanager config was changed
Jul 20 11:18:32 kernel: possible SYN flooding on port 110. Sending cookies.
Jul 20 11:20:01 watchdog[21667]: ISPmanager config was changed
Jul 20 11:21:32 kernel: possible SYN flooding on port 110. Sending cookies.

netstat показывает
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:85.92.17.161:3790 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28124 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:194.186.150.205:4032 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28127 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:194.186.150.205:4033 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28126 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:194.186.150.205:4038 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:85.92.17.161:3787 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28121 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28120 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28123 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28122 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28117 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28116 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:80 ::ffff:72.232.79.62:49072 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28119 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28118 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28115 TIME_WAIT
tcp 0 0 ::ffff:85.249.137.163:110 ::ffff:84.54.224.40:28114 TIME_WAIT

# netstat -s

Ip:

17739259 total packets received

1 with invalid addresses

0 forwarded

0 incoming packets discarded

17739174 incoming packets delivered

20570421 requests sent out

5 fragments dropped after timeout

5 reassemblies required

5 packet reassembles failed

1 fragments failed

Icmp:

8319 ICMP messages received

112 input ICMP message failed.

ICMP input histogram:

destination unreachable: 6679

timeout in transit: 339

echo requests: 1296

345837 ICMP messages sent

0 ICMP messages failed

ICMP output histogram:

destination unreachable: 344536

time exceeded: 5

echo replies: 1296

Tcp:

24815 active connections openings

850510 passive connection openings

2194 failed connection attempts

27162 connection resets received

6 connections established

13670577 segments received

15811240 segments send out

448870 segments retransmited

176 bad segments received.

64188 resets sent

Udp:

3742727 packets received

344535 packets to unknown port received.

0 packet receive errors

4087594 packets sent

UdpLite:

TcpExt:

37491 SYN cookies sent

34651 SYN cookies received

36058 invalid SYN cookies received

2085 resets received for embryonic SYN_RECV sockets

2 packets pruned from receive queue because of socket buffer overrun

6 ICMP packets dropped because they were out-of-window

644144 TCP sockets finished time wait in fast timer

204 packets rejects in established connections because of timestamp

89877 delayed acks sent

261 delayed acks further delayed because of locked socket

Quick ack mode was activated 13168 times

35235 times the listen queue of a socket overflowed

35235 SYNs to LISTEN sockets ignored

141929 packets directly queued to recvmsg prequeue.

7605573 packets directly received from backlog

458862502 packets directly received from prequeue

781702 packets header predicted

301009 packets header predicted and directly queued to user

7513605 acknowledgments not containing data received

1584159 predicted acknowledgments

4872 times recovered from packet loss due to fast retransmit

126134 times recovered from packet loss due to SACK data

28 bad SACKs received

Detected reordering 80 times using FACK

Detected reordering 15 times using SACK

Detected reordering 44 times using reno fast retransmit

Detected reordering 118 times using time stamp

96 congestion windows fully recovered

346 congestion windows partially recovered using Hoe heuristic

TCPDSACKUndo: 22

4423 congestion windows recovered after partial ack

76776 TCP data loss events

TCPLostRetransmit: 154

1218 timeouts after reno fast retransmit

26305 timeouts after SACK recovery

6327 timeouts in loss state

217773 fast retransmits

17156 forward retransmits

61352 retransmits in slow start

59538 other TCP timeouts

TCPRenoRecoveryFail: 1380

18398 sack retransmits failed

320 times receiver scheduled too late for direct processing

129 packets collapsed in receive queue due to low socket buffer

13635 DSACKs sent for old packets

175 DSACKs sent for out of order packets

4770 DSACKs received

169 DSACKs for out of order packets received

939 connections reset due to unexpected data

3337 connections reset due to early user close

2861 connections aborted due to timeout

Подскажите, пожалуйста, почему это происходит?