Linksys = odd FW log entries

From: "mhicaoidh" <mhic_aoidh@hotmail.NïX.com.SPäM>
Date: Sun, 27 Oct 2002 04:28:28 GMT


    I have two Win98SE machines that are networked together, and share one
folder each with the other computer. One is a desktop and the other is a
laptop. I just added a Linksys SR41 router to my setup, so that the laptop
could use my broadband connection too. For the first few days, I was
noticing (as expected) that I was no longer seeing general traffic blockages
in my FW logs (ZA Plus v3.1.395). However, yesterday, I noticed about 43
entries in the log which made no sense to me.

    Most of them appear to be "IP protocol" related, but a couple were
tagged as "NetBIOS Session." What really seems odd to me is that the source
IPs (all in the 192 IP range) are in the wrong order, and all of the
destination IPs don't match my external or internal(*) IPs. An example of
one log entry is, "Packet sent from xxx.xxx.xxx.xxx to xxx.xxx.xxx.xxx (IP
Protocol 0) was blocked." The direction (which is usually "incoming" or
"outgoing") is listed as "routed."

    Now, for the (*) above: While the destination IP doesn't match my
internal IPs, it is a mixed up version of one of my machines. The log
entries appear on my desktop machine. However, the destination IP is a
mixed up version of my laptop's IP. If the laptop's IP is normally in the
form of "A.B.C.D" the destination IP on my desktop is in the form "C.D.A.B"
... the source IPs share this same "C.D.A.B" form.

    I am certain that this traffic is related to the functioning of the
router, as I have never seen anything like it in my logs before installing
it. I am also not too concerned about it (from a security standpoint),
since the FW is blocking it. But, I would like to know what the root cause
of this is so I can either fix the problem, or have a better time ignoring
it. Other than the above, my connections are excellent, and both systems
are running perfectly. Any insight would be much appreciated.

TIA
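
One way to check the "C.D.A.B" pattern described above across a whole log, as an added example that is not part of the original post: it parses lines in the shape of the quoted entry and flags any address whose 16-bit halves, once exchanged, match a known LAN host. The LAN addresses, host names and log lines are constructed for illustration; only the line shape comes from the entry quoted in the post.

```python
import ipaddress
import re

# Line shape taken from the entry quoted in the post.
ENTRY = re.compile(r"Packet sent from (\S+) to (\S+) \(([^)]*)\) was blocked")

# Constructed LAN inventory (assumption): address -> host name.
LAN = {"192.168.1.100": "desktop", "192.168.1.101": "laptop"}

# Constructed sample log lines, not taken from the poster's log.
SAMPLE = [
    "Packet sent from 1.100.192.168 to 1.101.192.168 (IP Protocol 0) was blocked.",
    "Packet sent from 203.0.113.7 to 192.168.1.100 (IP Protocol 0) was blocked.",
    "Packet sent from xxx.xxx.xxx.xxx to 1.101.192.168 (IP Protocol 0) was blocked.",
    "Firewall started.",
]

def swap_halves(addr):
    """Exchange the 16-bit halves of an IPv4 address (A.B.C.D -> C.D.A.B)."""
    n = int(ipaddress.IPv4Address(addr))
    return str(ipaddress.IPv4Address(((n & 0xFFFF) << 16) | (n >> 16)))

def classify(addr, lan):
    """Label an address: a LAN host, a half-swapped LAN host, invalid, or other."""
    if addr in lan:
        return "lan:" + lan[addr]
    try:
        swapped = swap_halves(addr)
    except ValueError:  # redacted or malformed address text
        return "invalid"
    if swapped in lan:
        return "swapped:" + lan[swapped]
    return "other"

def triage(lines, lan):
    """Return (source label, destination label, protocol) per blocked-packet line."""
    results = []
    for line in lines:
        m = ENTRY.search(line)
        if m:  # lines in any other shape are skipped
            src, dst, proto = m.groups()
            results.append((classify(src, lan), classify(dst, lan), proto))
    return results

if __name__ == "__main__":
    for row in triage(SAMPLE, LAN):
        print(row)
```
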


