> Today I had a whole bunch of large ICMP packages on the company's LAN (about
> 20).
> Interesting is, that they came mostly from the Windows 2000 Servers. I
> discovered the first of these packages 2 or 3 weeks ago.
> These packets are long (2090 Bytes) and not filled with nulls, but with
> more
' matches returned ident connections and/or
can forward ident connection to machine that actually originated outgoing
connection instead of only recieving ident connection on
iptables/netfilter machine itself.
-enyc
rections using OpenSSH'es port forwarding, but this means logging in
each time etc...
Just thoughts, anyway... Btw -- ?maybe you should be using a different
mailing list, not debian-security?.
-enyc
filesharing (netbios-over-tcp/ip) 'nonsense traffic' all the
time.. It seems to be normal really, to be honest! Ignore it!
You are likely to see lots of DENY's aimed at 'port 135' TCP (to do with
windoze RPC (remote procedure call) to do with viruses (like m$blast)
that infect 3vil windoze comptuers!
P.s. -- ?what program or debian-package are you getting these firewall log
messages from -- they don't look like linux 'dmesg' errors?!
-enyc <[EMAIL PROTECTED]>
rmally allow things to be updated unless a vulnerability
has been proved to really exist??
I'm confused and would like to know what others think!
-enyc <[EMAIL PROTECTED]>
> ... but on a second thought: how do I find this information out ion my
> own and what does "SMP" stand for?
Not sure about your first question -- but SMP = Symettric Multi-Processor
(e.g. more than 1 CPU in 1 motherboard/mothercard)...
> Joh
[EMAIL PROTECTED]
> Today I had a whole bunch of large ICMP packages on the company's LAN (about 20).
> Interesting is, that they came mostly from the Windows 2000 Servers. I
> discovered the first of these packages 2 or 3 weeks ago.
> These packets are long (2090 Bytes) and not filled with nulls, but with
> more or
' matches returned ident connections and/or
can forward ident connection to machine that actually originated outgoing
connection instead of only recieving ident connection on
iptables/netfilter machine itself.
-enyc
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
rections using OpenSSH'es port forwarding, but this means logging in
each time etc...
Just thoughts, anyway... Btw -- ?maybe you should be using a different
mailing list, not debian-security?.
-enyc
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
filesharing (netbios-over-tcp/ip) 'nonsense traffic' all the
time.. It seems to be normal really, to be honest! Ignore it!
You are likely to see lots of DENY's aimed at 'port 135' TCP (to do with
windoze RPC (remote procedure call) to do with viruses (like m$blast)
that infe
rmally allow things to be updated unless a vulnerability
has been proved to really exist??
I'm confused and would like to know what others think!
-enyc <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
> ... but on a second thought: how do I find this information out ion my
> own and what does "SMP" stand for?
Not sure about your first question -- but SMP = Symettric Multi-Processor
(e.g. more than 1 CPU in 1 motherboard/mothercard)...
> Joh
[EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMA
12 matches
Mail list logo
