Where is incoming traffic coming from?
drew einhorn
drew.einhorn at gmail.com
Mon Aug 3 02:26:16 UTC 2009
On Sun, Aug 2, 2009 at 6:25 PM, Amedee @ Ubuntu <amedee-ubuntu at amedee.be>wrote:
>
> On Sun, August 2, 2009 18:17, drew einhorn wrote:
> > What's upstream from the box that's receiving the mystery traffic?
>
> The box itself is a Xen DomU, upstream it's a Xen Dom0, and upstream from
> there it's the hetzner.de datacenter somewhere in Bavaria. Several hundred
> km from where I live so no hands on.
> Perhaps I should have mentioned that earlier?
The Dom0 is the best and easiest place to capture the traffic to be analyzed
in this case.
Things would be very difficult if the Dom0 admin was not cooperating.
That's what the other guy did (who runs the Dom0). He sent me the
> wireshark analysis and that showed a lot of traffic from 193.190.67.15
> (Belnet).
Fortunately the Dom0 admin is cooperating.
--
Drew Einhorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20090802/4ab5303e/attachment.html>
More information about the ubuntu-users
mailing list