I did a little bit of research, and it appears to be a
known bug in some tcp stack or another. Nobody seems to
know exactly where it's comming from, but the feeling is
that it's not malicious. Check out the following link (and
it's follow up messages) for more info, as well as a fix of
sorts.
http
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
A long time ago, in a galaxy far, far way, someone said...
> Packet log: input REJECT eth0 PROTO=17 65.6.x.x:513
> 65.255.255.255:513
> L=160 S=0x00 I=20143 F=0x T=64 (#5)
> 24.7.73.5 sent an invalid ICMP error to a broadcast.
> 24.7.73.5 sent an
On Thu, Apr 19, 2001 at 03:21:14PM -0500, John Patton wrote:
> Whoops... what was I thinking??? udp port 513 is the who
> service, which could conceivably be used for malicious
> purposes. None-the-less, silently denying messages not
> intended for you will still solve that part of the problem.
We
Whoops... what was I thinking??? udp port 513 is the who
service, which could conceivably be used for malicious
purposes. None-the-less, silently denying messages not
intended for you will still solve that part of the problem.
On Thu, Apr 19, 2001 at 04:12:35PM -0400, Noah L. Meyerhans wrote:
> On
On Thu, Apr 19, 2001 at 03:09:34PM -0500, John Patton wrote:
> Hmmm... that is rather strange. PROTO=17 is the icmp
> protocol, but there is definately no icmp type 513.
You must be running a different IP implementation than the rest of the
world. Look up protocol 17 in /etc/protocols.
noah
--
Hmmm... that is rather strange. PROTO=17 is the icmp
protocol, but there is definately no icmp type 513. Also,
according to the log, you are receiving a packet from your
address over your ethernet card... which is questionable
at best. However, I can't think of any hacking purpose
for sending such
On Thu, Apr 19, 2001 at 01:38:07PM -0600, Robert Kerr wrote:
> I'm using a cable modem, and have it firewalled at my box. Every now and
> then I get the following messages on the current console
>
> Packet log: input REJECT eth0 PROTO=17 65.6.x.x:513
> 65.255.255.255:513
> L=160 S=0x00 I=20143 F=
I'm using a cable modem, and have it firewalled at my box. Every now and
then I get the following messages on the current console
Packet log: input REJECT eth0 PROTO=17 65.6.x.x:513
65.255.255.255:513
L=160 S=0x00 I=20143 F=0x T=64 (#5)
24.7.73.5 sent an invalid ICMP error to a broadcast.
24.
8 matches
Mail list logo
