Hello, I am a new debian user and someone still learning linux. I have a
small problem. In my company ( which is a microsoft developer ) I insisted on using a
firewall created with Ipchains of 3
zones ( dmz - local - internet ) on a Intel Pentium Pro processor machine
running Debian 2.2r3 on it ( base system + mc + tcpdump + nano ) instead of
Microshit's ISA Server. Strangely
enough one of the interfaces ( the internet interface ) completely at arbitrary
times start sending packets to itself. Packet proto=1 sourceip:3 rd port
to sourceip:1 st port s=0xc0 f=0x0000 t=255 log says. As far as I understand
from this log the packet sent is an ICMP packet from port 3 to tcpmux port
( icmp's have ports ? knew they did not ) of size 13 hexadecimals not fragmented
and time to live is 255. But this is not possible. 1st no one can use this
machine as a terminal and no one can telnet to it's interfaces. 2nd rp_filter
is set to 1 for all interfaces ( in case of a spoof attack ) .
Can anyone
help me about that ? I am sure there is something I do not know but what
is it ?
Thanx
John.
Note : If I succeed on this debian firewall the ftp server will also be Linux and web
server as well .
_____________________________________________________________
Get your free e-mail account: http://www.petekmail.com
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
