On Thu, 2003-09-18 at 10:23, Pep Serrano wrote: > But is this the real cause of our martian logs? > > > > On Sep 18, Roland Freeman <rolandfreeman@xxxxxxxxx> wrote: > > > Pep, we have the same problem. My P-t-P router has a private ip address > > > too. Everything works properly, except the marsians log. > > > A private IP address as gateway is not necessarily a problem. ISP's use > > this to save IP addresses and it is in no way bad for anyone. As long as > > they are not used in the route back to you, which isn't the case as you > > stated. > > > Last night I spent some time with ethereal tracking my traffic between the > loopback and my ppp0. I could see there are some packets from localhost on > port 80 to random ports of ppp0. This packet repeats abour every minute. I > closed almost all services, disabled routing, no applications... lsof didn't > show any process using localhost:80, and yet the werid traffic was still > there. > That would be incoming web requests from machines on the other side of your modem. Probably someone trying to see if you're running a web server. Log the packets and inspect the contents. > > Cheers > Pep Serrano. -- -- Raymond Leach <raymondl@xxxxxxxxxxxxxxxxxxxxxx> Network Support Specialist http://www.knowledgefactory.co.za "lynx -source http://www.rchq.co.za/raymondl.asc | gpg --import" Key fingerprint = 7209 A695 9EE0 E971 A9AD 00EE 8757 EE47 F06F FB28 --
Attachment:
signature.asc
Description: This is a digitally signed message part