RE: Re: [fw-wiz] Wayyy too many spoofed packets

From: Daniel Linder (dan_linder_at_yahoo.com)
Date: 11/25/03

  • Next message: Chris de Vidal: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"
    To: Bill@royds.net, 'Chris de Vidal' <chris@devidal.tv>
    Date: Mon, 24 Nov 2003 20:21:32 -0800 (PST)
    
    

    Can you setup the iptables rules on the other machines to log
    broadcasts from your "suspect" server and see if they see it coming in
    at the same time too? I would guess that your first server has Samba
    running and sending SMB broadcasts to the network, and the iptables is
    seeing the traffic. Does the iptables log keep the MAC address? Might
    help you track it down.

    Dan

    --- Bill Royds <broyds@rogers.com> wrote:
    > As Frank said, you machine is sending broadcasts on both interfaces
    > for
    > Samba. So you see the broadcasts as received as well. It is not
    > coming from
    > the net but from your machine itself.

    __________________________________
    Do you Yahoo!?
    Protect your identity with Yahoo! Mail AddressGuard
    http://antispam.yahoo.com/whatsnewfree
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Chris de Vidal: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"

    Relevant Pages

    • Re: Samba - iptables
      ... >> machine makes a broadcast query, which is blocked by the firewall. ... If the iptables rules enable access to ... the rules will block broadcasts. ... And, by doing this could someone tell me if this could be a security risk, ...
      (linux.redhat.misc)
    • Re: Help...VPN client cant map drive to shared folder on Win Serv
      ... You are relying on broadcasts for name resolution, and broadcasts are usually blocked by routers and WAN links. ... I have not looked closely at remote access in 2008 yet, although I have been using it as a router in a test setup. ... I would put an LMHOSTS file on the client with an entry for each server on the LAN you need to contact. ... running on the LAN and the remote client gets the correct WINS address, ...
      (microsoft.public.windows.server.networking)
    • Re: Peer to Peer
      ... > no native way to sync with NTP broadcasts. ... Peer Windows networks can't use kerberos and don't have revenue generating ... server machines in them. ...
      (comp.protocols.time.ntp)
    • Re: DNS resolution of file server...
      ... WINS server. ... The one's which are working are likely using broadcasts ... but failing across routers. ... >>> fileserver has the IP setting at "auto assign IP ...
      (microsoft.public.win2000.dns)
    • Re: IPC Issue
      ... service (using Olaf's dhRichClient RPC components), ... A DCOM server written as an ActiveX EXE and properly configured in terms of security. ... A straightforward TCP socket service that accepts client connections from each peer and the UI application. ... UDP and Mailslot broadcasts between machines are not reliable. ...
      (microsoft.public.vb.general.discussion)