Hi William,
> Why I say it is spooky is that the attacks continue even if this machine is
> turned off and disconnected totally from the network. Obviously someone is
> spoofing the address. They stop only if I take down my dsl link to my isp, so
> clearly they are not local.
It should be obvious on which interface the packets are coming in. This is
probably not your internal interface.
The fact that this person is spoofing a reserved IP address probably means
that he is on your ISP's subnet, because these packets should not be routed
through the internet. So you could contact your ISP to take action against
him/her.
To feel a little more secure you could change your local subnet IP range.
This also gives you the ability to set a route to your old subnet over your
external interface and poke back a little.
Bye,
Leonard.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
