persistant connections?
Hi,
I'm bugged by the fact that I see this connection (see below) on my
firewall box. The windoze client that initiated it is switched off
since a few days back.
I searched the net trying to find som sort of explanation to the
phenomenon, but what I found was more or less dead ends, sotr of :(
# cat /proc/net/ip_conntrack | grep x.x.x.x
tcp 6
182837
ESTABLISHED
src=x.x.x.x dst=z.z.z.z
sport=1309 dport=443
[UNREPLIED]
src=z.z.z.z dst=y.y.y.y
sport=443 dport=1309
use=1
x.x.x.x - windoze client ip address on the internal network
y.y.y.y - firewall box, outside ip address
z.z.z.z - some web server running Microsoft-IIS/5.0
Has anyone seen this before?
Does anyone know what's going on behind the curtains?
Is there a way to kill these things?
Is there anything I can do to prevent this kind of thing (aside from
not using buggy windoze clients and not browsing to buggy web-servers
and not using buggy software to surf the net)?
I don't like rebooting the firewall box (which will cure the problem)
every time anything like this occurs.
Cheers,
Cristian
Reply to: