Re: Datagrams from 10.20.11.xx
From: nickd@nospam.demon.co.ukDate: 03/08/02
- Previous message: scan: "Re: Need a port scan 166.82.95.103"
- In reply to: sponge: "Re: Datagrams from 10.20.11.xx"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: nickd@nospam.demon.co.uk Date: Fri, 08 Mar 2002 00:58:11 GMT
sponge <mtubi@python.net> wrote:
<snip>
> In any case, 10.x.x.x is usually an internal network. Although some
> elements of it can be accessed as such, it's normally nothing to worry
> about. Do a tracerout and you'll probably find that your local router
> -- and maybe even all your ISPs routers -- will have 10-something
> addresses.
Occasionally, some ISPs do it, many don't.
> Keep in mind that a LOT of IP space is reserved for specialized and
> "internal" features like this, and there are many chunks of IP
> addresses which are not available to the public.
Google for "RFC 1918".
<snip Trackers mild madness>
>>> My firewall is warning that my computer is being contacted (via UDP)
>>> from 10.20.11.21, 10.2011.55, 10.20.11.85 and the like addresses. I have
>>> looked in ARIN, and 10.xx.xx.xx are _reserved_ addresses.
>>> Should I worry about these contacts? What they mean?
>>> The sender is quite insistent, about once per hour in last
>>> three days
I wouldn't worry, Either they're stray packets, or someone isn't faking
their source very well. Do you see other packets at the same time?
Any more details would be useful though, such as the port numbers involved.
-- "Anyone with the naivety to run IIS is, IMHO, automatically suspect when it comes to doing anything technical, such as setting a clock."
- Next message: Kevin Davisł: "Re: NAT vs. True Firewalls"
- Previous message: scan: "Re: Need a port scan 166.82.95.103"
- In reply to: sponge: "Re: Datagrams from 10.20.11.xx"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
