strange iptables log entry
Matthew Carpenter
matt
Mon May 17 12:00:45 PDT 2004
This could have been someone who had recently been on another network
with different IP ranges. Since 67 and 68 are used for DHCP/BOOTP, this
might have been a windows machine requesting it's last known IP address
from a DHCP server address which took the packets through your
firewall. Without more knowledge of the firewall, your routing, and the
actual firewall logs I'm afraid I can't be much more specific.
M.W. Chang wrote:
> Was it some kind of spoof attack? My private domain is 192.168.2.x
>
>> On Fri, 19 Mar 2004, M.W. Chang wrote:
>>
>>> My firewall logged this IP trying to access port 68. What is
>>> prisoner.iana.org? It seems that it doesn't exist at all.
>>
>>
>> Exactly. 192.168.xxx.xxx is an unroutable IP block, same as 10.xxx.
>>
>>> toylet at server: > dig -x 192.168.128.6
>>
>
>
More information about the Linux-users
mailing list