Security Basics mailing list archives
Strange Packet logs in ipchains
From: Sam Dirk <samdirk () online ie>
Date: 25 Mar 2003 10:41:33 -0000
Hi All, Yesterday I noticed the following entry in logs: Packet log: input REJECT eth0 PROTO=17 169.254.208.158:137 169.254.255.255:137 L=96 S=0x00 I=3072 F=0x0 000 T=128 (#9) This occured only on our internal (10.10.x.x address) network. The packets were seen three times over the course of the day but lasted for only one - two seconds so it was impossible to get a tcpdump. In addition the source address was either 169.254.208.158 or 169.254.24.111. We don't use the above addresses on the network so am I ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfsbl1
Current thread:
- Strange Packet logs in ipchains Sam Dirk (Mar 26)
- Re: Strange Packet logs in ipchains Vic Parat (NSS) (Mar 27)
- Re: Strange Packet logs in ipchains Bear Giles (Mar 27)
- RE: Strange Packet logs in ipchains Burton M. Strauss III (Mar 27)
- <Possible follow-ups>
- Re: Strange Packet logs in ipchains Paris Stone (Mar 27)
- RE: Strange Packet logs in ipchains Mike Heitz (Mar 27)
- RE: Strange Packet logs in ipchains Gwydion Mine (Mar 28)