[gpl] smurfing
Pietro Leone
leone at diff.org
Sat Oct 16 10:07:50 UTC 2004
Ave Samuel Gordon-Stewart,addi` 10/14/2004 10:25 AM vergasti:
> --- Pietro Leone <leone at diff.org> wrote:
>
>>Hallo, ntop server inside my network send me this
>>log (it was longer):
>>2004-10-06 12:57:43 ALARM smurfing
>>192.168.1.3->239.255.255.253 [ICMP_ECHO]
>
> <A few million similar entries snipped>
>
>>I know what is a smurf attack, but I was supposed to
>>be protected by my
>>smoothie, so why this log?
>
> If you look closely, the ICMP Echo is going FROM
> 192.168.1.3 TO 239.255.255.253.
> SW protects internal networks from the internet, not
> the other way around.
I saw, but, I never ping-ed such address, so why this entries into my
log files? I know that smootwall protects my network from the outside,
but what this log means? I suppose there is a program that try to ping
that address. How can I discover the program that create this traffic?
After this, probably I'll configure my smoothie to limit the outgoing
traffic too.
> samuel
Thanks, Pietro.
--
I will build myself a copper tower
With four ways out and no way in
But mine the glory, mine the power
(So I chose AmigaOS and GNU/Linux)
--
I will build myself a copper tower
With four ways out and no way in
But mine the glory, mine the power
(So I chose AmigaOS and GNU/Linux)
More information about the ubuntu-users
mailing list