Re: OT: what are all these probes from my firewall log????

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Aug 17, 2012 at 09:18:01PM -0600, Devin Reade wrote:
> fred smith <fredex@xxxxxxxxxxxxxxxxxxxxxx> wrote:
> > On Thu, Aug 16, 2012 at 09:20:52PM -0700, John R Pierce wrote:
> 
> >> this is on your eth0 side, I'm assuming thats the WAN side of your 
> >> firewall/gateway ?    if so, then yes, I imagine its something at your 
> >> ISP, you might ask them what these are.
> > 
> > Yup, that's the WAN side of the router. I'll go yell at them, probably
> > tomorrow.
> 
> I wouldn't bother.

thanks for the info. I didn't really expect to get any swift action,
I kinda figured "it is what it is, like it or lump it" would be their
response. but I still might drop them an email with some log excerpts
just to see how they respond. I'm retired, I have plenty of time! :)

> 
> Depending on the demarc equipment used by your ISP and how they have
> their network configured, you can wind up seeing this kind of crap
> and there's bugger-all that you can do about it
> 
> For example, with a cable modem, your assigned upstream segment
> might be network-A, but other people in your neighborhood might be
> on network-B, both serviced by the same RF carrier.  You shouldn't
> see unicast traffic for your neighbors, but you could very well see
> broadcast (and dhcp is the most likely culprit).  I know of a 
> particular case where the ISP will assign statics out of one pool,
> dynamic IPs out of the other pool, a single modem will service
> machines out of both pools, and therefore you also see broadcast
> out of both pools.
> 
> This isn't specific to cable.  With both cable and DSL providers
> I've seen both the only-see-your-own-traffic situation and the
> see-your-neighbors-broadcast situation.  It all depends on the
> equipment and the configuration.  And when I mean configuration,
> I'm talking about for everyone in your node, if not for your 
> whole city.  So it's unlikely that your ISP will change it just
> for you.
> 
> But if you still want to call them, fill your boots ...
> 
> Devin
> -- 
> He is a prime candidate for natural deselection.
> 
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos

-- 
---- Fred Smith -- fredex@xxxxxxxxxxxxxxxxxxxxxx -----------------------------
  "For him who is able to keep you from falling and to present you before his 
 glorious presence without fault and with great joy--to the only God our Savior
 be glory, majesty, power and authority, through Jesus Christ our Lord, before
                     all ages, now and forevermore! Amen."
----------------------------- Jude 1:24,25 (niv) -----------------------------
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux