[Cialug] Odd log entries on RH7.2 box

cialug@cialug.org
Sun, 05 Dec 2004 01:16:38 +0000


I was looking through my logs, and I noticed some odd entries.  I am seeing many
ACCEPTed entries from ipchains (over 800 this week) in /var/log/messages.  The
source ports are 0, 3, 8, 11, and 12.  The dest ports are 0, 1, 3, or 13.  I've
looked up these ports at iana.org, but it says port 0, 8, and 12 are reserved or
unassigned (the dest ports of 1 and 13 are tcpmux and daytime).  I don't have
anything running on these ports.  For the ones trying to connect to port 0, all
but 43 came from one of 2 addresses; both of these addresses belong to yahoo.com
(for example, UNKNOWN-217-146-185-137.yahoo.com).  It seems odd to me there
would be access on these ports, especially port 0.  I'm curious if I need to
block any of the dest ports being hit.  Anyone have any ideas, suggestions, or
comments?  Why would these ports be accessed?

--
Tim W.