network security related question
Nils Kassube
kassube at gmx.net
Fri Feb 27 17:34:31 UTC 2009
Vitorio Okio wrote:
> I'm behind Linksys WRT54 router with DD-WRT v.24 on it with the
> router SPI firewall enabled.
>
> I also have Firestarter running on my Ubuntu 8.04.
> But today I've noticed a huge number of incoming connections reported
> blocked by Firestarter. All of them are of ICMP protocol, and my
> understanding is they are either pings, or simple port scans, or
> something of the kind.
> My question is how do they ever reach my Firestarter? How they go
> through my NAT router? I thought they are supposed to be blocked on
> that level.
Could it be that you have your router configured in a way that makes
your Ubuntu machine the "default server"? Maybe it has a different name
in your router software. If you have enabled this option you don't
block anything with your NAT setup. Then everything received by the
router will be sent to your Ubuntu machine unless you have an extra
filter to block specific traffic.
Nils
More information about the ubuntu-users
mailing list