[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Martian Source



> On Mit, 23 Okt 2002, Raymond Leach wrote:
>
>>Could be something like a smurf attack. A workstation pretending to be
>> all the addresses on the network ....
>
> Right, we have those "martian source" loggings on the external interface
> at our inner FW, too ;)
>
> But it also can come from the inner network, when you configure a
> machine on the same hub/switch with different Network-Adresses (eg: you
> have 192.168.0.0/24, but your normal network have 10.0.0.0/24)
is there a possibility to find out? is there a small tool somewhere around?
>
> These times i cant see any security related problems at all - but any
> comments are welcome...
i found a lot of entries on google, unfortunately i am not a technician so
it was not really helpful...see
http://www.geocrawler.com/archives/3/287/2000/8/0/4275081/
http://boudicca.tux.org/mhonarc/ma-linux/2001-Jan/msg00370.html
..perhaps a little helper...thanx for ur help!
>
>
> Greetings,
> --
> Jörg Henner                              Fon:  +49 (7 11) 48 90 83 - 0
> ETES - EDV-Systemhaus GbR                Fax:  +49 (7 11) 48 90 83 - 50
> Libanonstrasse 58 A * D-70184 Stuttgart  Web: http://www.etes.de




-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here