Re: Unwittingly flooding my internal network?

From: Jeremia d. (jdb@penguin-security.com)
Date: 02/24/03

  • Next message: Mandi: "Re: Unwittingly flooding my internal network?" 
    From: "Jeremia d." <jdb@penguin-security.com>
To: security-discuss@linuxsecurity.com
Date: Mon, 24 Feb 2003 06:55:25 +0000

    On Monday 24 February 2003 23:41, you wrote:
    run lsof on the box and do something like:
    lsof | grep 631 and this will show you the program thats sending or recieving
    on that port . Ethereal and tcpdump are also great tools in assiting you in
    this process

    > I just upgraded to Mandrake 9.0 on one of my boxes and my internal IDS has
    > now logged about 6500 packets from that machine. It appears to be
    > broadcasting on the local subnet udp packets destined to udp/631. Has
    > anyone ran into this problem? Does anyone know of a good way to trouble
    > shoot which service this is coming from?
    >
    > Any help will be appreciated
    > Lora Woodworth, CISSP
    > INFOSEC
    > CTA Inc.
    > (719)590-5135
    > lora.woodworth@cta.com
    > ------------------------------------------------------------------------
    > To unsubscribe email security-discuss-request@linuxsecurity.com
    > with "unsubscribe" in the subject of the message. 

    -- 
Today's scientific question is: What in the world is electricity?
And where does it go after it leaves the toaster?
		-- Dave Barry, "What is Electricity?"
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.