wierd firewall thing!

To: "Debian User Group" <debian-user@lists.debian.org>
Subject: wierd firewall thing!
From: "Marc-Adrian Napoli" <marcadrian@cia.com.au>
Date: Tue, 21 Aug 2001 11:59:26 +1000
Message-id: <[🔎] 026d01c129e4$e81bc1a0$88db3fcb@cia.com.au>
References: <[🔎] 20010820024321.15925.qmail@web4307.mail.yahoo.com> <[🔎] 20010820023802.B1822@iname.com>

hi all,

we have a linux (2.2 debian) firewall with two eth cards running here.
ip_forward is 1 and on each side of the firewall is a /25.

packets are routed through okay but a couple of days ago i noticed something
*very* strange.

packets coming into eth0 were not only going out eth1 (as they should) but
also being spat back out eth0 with a destination mac address of all f's.
this meant that al machines on the eth0 side of the network could see the
packets going through the machine.

i rebooted the server and all was well but apart from being a security
compromise, does any one have any idea how that could have happened?

Regards,

Marc-Adrian Napoli
Network Administrator
Connect Infobahn Australia
+61 2 9212 0387

Reply to:

References:
- Video card and CD-rom or CD_RW recommendations
  - From: Abner Gershon <abner_gershon@yahoo.com>
- Re: Video card and CD-rom or CD_RW recommendations
  - From: Rogério Brito <rbrito@ime.usp.br>

Prev by Date: Re: HTML composer ?
Next by Date: Re: Potato to woody problem
Previous by thread: Re: Video card and CD-rom or CD_RW recommendations
Next by thread: Strange system lockups.
Index(es):
- Date
- Thread