Re: Denied Packets from Internal Network

From: David (thunderbolt01@netscape.net)
Date: 04/08/02


From: David <thunderbolt01@netscape.net>
Date: Mon, 08 Apr 2002 14:54:25 -0500

Randy C wrote:
> I have a Caldera install on my network server. I am using a proxy server
> with an ipchains type firewall. I recently noticed entries in my log file
> that indicate my server's internal IP is trying to send out packets about
> every one second and the port number increases by 3 each time. Is this the
> result of someone from the outside trying to route packets through my
> internal network and to make it look like they are coming from my system?
>
> The log entry looks like
>
> Apr 8 time machine_name kernel: Packet log: input DENY eth1 PROTO=17
> 192.168.1.1:1499 L=44 S=0x00 I=31239 F=0x000 T=128 (#24)
>

Take a look at rule number 24 on your firewall. It is what is "DENY"ing
the packet thus the (#24) at the end of the line.

-- 
Confucius say: He who play in root, eventually kill tree.
Registered with the Linux Counter.  http://counter.li.org



Relevant Pages

  • Re: behavior of recvmmsg() on blocking sockets
    ... unnecessary context switching. ... found a model that scales as well for me. ... interfaces/drivers out there that could queue packets to the kernel ... network server is robbed from the other work. ...
    (Linux-Kernel)
  • Re: Denied Packets from Internal Network
    ... >I have a Caldera install on my network server. ... >result of someone from the outside trying to route packets through my ... >internal network and to make it look like they are coming from my system? ... your IP but please don't delete destination port. ...
    (comp.os.linux.security)
  • Denied Packets from Internal Network
    ... I have a Caldera install on my network server. ... I recently noticed entries in my log file ... result of someone from the outside trying to route packets through my ... internal network and to make it look like they are coming from my system? ...
    (comp.os.linux.security)