Full Disclosure mailing list archives
Re: Reverse http traffic
From: "Daniel H. Renner" <dan () losangelescomputerhelp com>
Date: 30 Dec 2003 16:21:34 -0800
On Tue, 2003-12-30 at 13:22, Ron DuFresne wrote:
Dan,
<snip>
comments inline On 30 Dec 2003, Daniel H. Renner wrote:Hello Ron, If I appeared to be a newbie with a problem - I am not, nor am I an expert who might know what that type of traffic could be. There currently is no problem with this guy's LAN, nor with his Internet connection. The problem was handled with the installation of the firewall as I mentioned in my post - I was simply wondering if this was some sort of attack as it was wierd traffic, from the OUTSIDE of the LAN to the firewall.I seriously doubt that there was an issue solved by the replacement of the dsl <lynksys if I recall correctly> router with a firewall, as all the other system plugged into the router worked fine, only a single host was having troubles, which were poorly identified and presented for 'discussion' here.
If I appear that much of a numbnutz that you can't take my word for a simple situation, then I will have to work on my English a bit I think... But in fact the problem was indeed handled immediately after replacing the Linksys with a IPCop firewall. Since you somehow missed my description of the events, at the risk of being rude, I will copy from my original post: </start clip> I had a case recently wherein one of a client's systems (Win2k) could not access http, or mail traffic. At the same time, 2 other systems (Win95 and Xandros) could, and yet he could access all of the other network shares via TCP. (* Definition: 'he' above meaning the Win2k system.) He brought it to my shop, it was patched up, already had the latest anti-virus defs, and it got on the 'net fine here. He returned with it and set it up - and could not get any http or email. (* Clarification: This should have ended with "... on his LAN.") I went to his office to see what was up, hooked in my little 'kneetop' (Sony Picturebook) and browsed just fine. I then installed a Linux firewall on a spare computer, replaced the Linksys router with it and instantly his Win2k was able to browse and get email. </end clip> (* Clarification: At this point I had already changed the Win2k's IP to match the internal IP of the IPCop system.) And to re-state, there is no current problem with this fellow's LAN - I was simply looking to see if anyone knows what could cause the afformentioned type of traffic that was stopped by IPCop. If you need more data, simply ask and I will be more than willing to reply. Cheers, Dan
<snip>
Thanks, Ron DuFresne ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Reverse http traffic Daniel H. Renner (Dec 29)
- Re: Reverse http traffic Lan Guy (Dec 30)
- Re: Reverse http traffic Ron DuFresne (Dec 30)
- Re: Reverse http traffic Daniel H. Renner (Dec 30)
- <Possible follow-ups>
- RE: Reverse http traffic Daniel H. Renner (Dec 30)
- Re: Reverse http traffic Daniel H. Renner (Dec 30)