Firewall Wizards mailing list archives
RE: Re: Wayyy too many spoofed packets
From: "Chris de Vidal" <chris () devidal tv>
Date: Tue, 25 Nov 2003 00:03:43 -0500 (EST)
Daniel Linder said:
Can you setup the iptables rules on the other machines to log broadcasts from your "suspect" server and see if they see it coming in at the same time too? I would guess that your first server has Samba running and sending SMB broadcasts to the network, and the iptables is seeing the traffic. Does the iptables log keep the MAC address? Might help you track it down.
Good ideas. Nope, it does not show the MAC. I suspect I'll have to wait 'til after Thanksgiving to work on this.. I hoped to backend two PCs with a crossover and see what I see. Thanks! /dev/idal _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: Wayyy too many spoofed packets, (continued)
- Re: Wayyy too many spoofed packets Chris de Vidal (Nov 23)
- Message not available
- RE: Wayyy too many spoofed packets Chris de Vidal (Nov 21)
- Re: Wayyy too many spoofed packets Mikael Olsson (Nov 21)
- Re: Wayyy too many spoofed packets Chris de Vidal (Nov 21)
- Re: Wayyy too many spoofed packets Frank Knobbe (Nov 21)
- RE: Re: Wayyy too many spoofed packets Bill Royds (Nov 21)
- RE: Re: Wayyy too many spoofed packets Frank Knobbe (Nov 23)
- RE: Re: Wayyy too many spoofed packets Chris de Vidal (Nov 23)
- RE: Re: Wayyy too many spoofed packets Frank Knobbe (Nov 23)
- RE: Re: Wayyy too many spoofed packets Frank Knobbe (Nov 23)
- RE: Re: Wayyy too many spoofed packets Daniel Linder (Nov 25)
- RE: Re: Wayyy too many spoofed packets Chris de Vidal (Nov 25)