TPF log

From: Juan Mejia (jmejia@uchile.cl)
Date: 07/22/01

• Previous message: Steve Willis: "RE: Small ISP/ASP security concerns"
• Next in thread: Devdas Bhagat: "Re: TPF log"
• Reply: Devdas Bhagat: "Re: TPF log"
• Reply: Tommie Porter: "RE: TPF log"
• Reply: Kevin Brown: "RE: TPF log"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 21 Jul 2001 19:42:07 -0500
From: Juan Mejia <jmejia@uchile.cl>
Message-ID: <1219106654.20010721194207@uchile.cl>
To: security-basics@securityfocus.com
Subject: TPF log

Hello,
     I set Tiny Personal Firewall to "log packets to unopened
     ports" . Now the log shows me an entry like this each and every
     minute:
     1,[date/time] Rule 'Packet to unopened...': : In UDP, LAB [0.0.0.0:68]->localhost:67, Owner: No owner

     So I wonder what does this ip address means? I suppose it's my
     own pc (since its name is LAB) but I'm not sure about it. Also why is it appearing
     exactly each and evey minute the pc is turned on?
     I've seen port 67 is for bootstrap pc but don't know what it is
     for. In case it's my own pc, how could I stop this?

     Also there's more than 1000 entries for this:
     Rule 'Packet to unopened...': : In UDP, xxx.xxx.xxx.229:68->localhost:67, Owner: No owner

     The host generating these packets belongs to my same net and was
     sending the packets continuosly during 9 hours the same day.

     Could someone help a curious guy understand this?
     I don't run any servers in my pc, all I have is WebWasher running
     not as a server, and sometimes allow (for a couple of minutes) udp traffic to share some
     resources through the LAN.

Any comments from you guys will help make a win user more security
concious and able to make hackers life more difficult. ;-}

     
Saludos desde Chile,
 Juan

---

• Previous message: Steve Willis: "RE: Small ISP/ASP security concerns"
• Next in thread: Devdas Bhagat: "Re: TPF log"
• Reply: Devdas Bhagat: "Re: TPF log"
• Reply: Tommie Porter: "RE: TPF log"
• Reply: Kevin Brown: "RE: TPF log"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Simple setup of domain servers for school labs ... So the students logging into the servers will be logging in from both ... Are the student computers stationary in each lab or do they use 'traveling' ... Are the servers all SBS 2003 Standard or a combination of SBS Standard and ... (microsoft.public.windows.server.sbs) Re: Basic facilities required to establish a pen test lab ... Surely you can pull a few boxes together,install different OS'es on each ... I find that by testing exploits in the lab, ... I most often find myself using a number of old servers ... Need to secure your web apps NOW? ... (Pen-Test) Re: Basic facilities required to establish a pen test lab ... Surely you can pull a few boxes together,install different OS'es on each ... I find that by testing exploits in the lab, ... I most often find myself using a number of old servers ... Need to secure your web apps NOW? ... (Pen-Test) Re: 2 SBS Servers on same Physical Network. ... Lab schedule got bumped due to billable time on a holiday weekend. ... information between the two servers. ... I have setup many SBS servers, ... (microsoft.public.windows.server.sbs) Problem with LSI Megaraid 320 ... I'm in charge of a e-governance lab in India. ... We have recently acquired Acer Altos G710 servers. ... The lab is switching over to RHEL completely. ... (comp.unix.solaris)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(15)