RE: Re: [fw-wiz] Wayyy too many spoofed packets
From: Chris de Vidal (chris_at_devidal.tv)
Date: 11/25/03
- Previous message: Daniel Linder: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"
- In reply to: Daniel Linder: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"
- Next in thread: Mikael Olsson: "Re: [fw-wiz] Wayyy too many spoofed packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Daniel Linder" <dan_linder@yahoo.com> Date: Tue, 25 Nov 2003 00:03:43 -0500 (EST)
Daniel Linder said:
> Can you setup the iptables rules on the other machines to log
> broadcasts from your "suspect" server and see if they see it coming in
> at the same time too? I would guess that your first server has Samba
> running and sending SMB broadcasts to the network, and the iptables is
> seeing the traffic. Does the iptables log keep the MAC address? Might
> help you track it down.
Good ideas. Nope, it does not show the MAC.
I suspect I'll have to wait 'til after Thanksgiving to work on this.. I
hoped to backend two PCs with a crossover and see what I see.
Thanks!
/dev/idal
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Previous message: Daniel Linder: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"
- In reply to: Daniel Linder: "RE: Re: [fw-wiz] Wayyy too many spoofed packets"
- Next in thread: Mikael Olsson: "Re: [fw-wiz] Wayyy too many spoofed packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
