Strange behavior

To: debian-user@lists.debian.org
Subject: Strange behavior
From: John DOE <bacteria@petekmail.com>
Date: Thu, 5 Jul 2001 23:59:13 -0700 (PDT)
Message-id: <[🔎] 20010706065913.CF8CF2744@sitemail.everyone.net>
Reply-to: bacteria@petekmail.com

Hello, I am a new debian user and someone still learning linux. I have a small problem. My company is using a firewall created with Ipchains of 3 zones ( dmz - local - internet ) on a Intel Pentium Pro processor machine running Debian 2.2r3 on it ( base system + mc + tcpdump + nano ).  Strangely enough one of the interfaces ( the internet interface ) completely at arbitrary times start sending packets to itself. Packet proto=1 sourceip:3 rd port to sourceip:1 st port s=0xc0 f=0x0000 t=255 log says. As far as I understand from this log the packet sent is an ICMP packet from port 3 to tcpmux port ( icmp's have ports ? knew they did not ) of size 13 hexadecimals not fragmented and time to live is 255. But this is not possible. 1st no one can use this machine as a terminal and no one can telnet to it's interfaces. 2nd rp_filter is set to 1 for all interfaces ( in case of a spoof attack ) . 
Can anyone help me about that ? I am sure there is something I do not know but what is it ?  

Thanx
John.

_____________________________________________________________
Get your free e-mail account: http://www.petekmail.com

Reply to:

Follow-Ups:
- Re: Strange behavior
  - From: "Krzysztof Mazurczyk" <kmazurczyk@wskiz.poznan.pl>

Prev by Date: Re: networking windows and linux
Next by Date: Re: networking windows and linux
Previous by thread: networking windows and linux
Next by thread: Re: Strange behavior
Index(es):
- Date
- Thread