hi,
From: Gary Counsellor [mailto:sineigs@eskimo.com]
I have been seeing this since I started SFW2 and conect via ppp. Not sure why it's there, tried looking for clues as to why, who but found nothing meaningful. Figured it might be me and my isp (Well, I gotta think of something)
this is most likely your isp, because 224.0.0.1 is the address for IGMP, a multicast routing protocol. have a look at /etc/rc.config.d/firewall2-custom.rc.config, line 26 onward: #example: allow incoming multicast packets for any routing protocol iptables -A INPUT -j ACCEPT -d 224.0.0.0/24 it's nothing to worry about, if you don't have routing protocols enabled.
Usually I just copy error messages into google and find what I need to know but that didn't work this time. Any suggestions? I'd be happy just to stop seeing it reported but stopping it entirely, if feasible, would be cool also.
SuSE-FW-UNAUTHORIZED-TARGET IN=ppp0 OUT= MAC= SRC=209.244.43.100 DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=24643 PROTO=2
i asked google about DST=224.0.0.1 and got this link (first page): http://lists.debian.org/debian-firewall/2001/debian-firewall-200108/msg00056 .html
Thanks for the help,
you're welcome :)
-- Gary Counsellor http://www.musician2000.com sineigs.all.attitudes@eskimo.com Please remove .all.attitudes before replying
regards, stefan
Hi out there! I have been told that Suse Firewall comes with a sort of "hack-proof" warranty, so if someone hacks you, they will provide you with a new firewall customized for you.. I need to prepare a quote for a company that have a close relationship with a local government agency, and they need a sort of "disclaimer" or "warranty" for the firewall. I know that almost no company gives such papers, but just wanted to know if someone here had ever dealed with such a problem. Ideas are pretty welcome... Thanks in advance Alejandro Lengua
* Alejandro Lengua - Virtual Orbis wrote on Wed, May 15, 2002 at 21:55 -0500:
I have been told that Suse Firewall comes with a sort of "hack-proof" warranty, so if someone hacks you, they will provide you with a new firewall customized for you..
Which can mean that this new firewall has no NIC and by this is relatively secure...
I need to prepare a quote for a company that have a close relationship with a local government agency, and they need a sort of "disclaimer" or "warranty" for the firewall.
I would really wonder if someone had such things. Maybe they sent you a new CD ROM when it's defective...
I know that almost no company gives such papers, but just wanted to know if someone here had ever dealed with such a problem.
In germany, we have the BSI that certifies products in different levels. In germany, government had to use BSI certified products for security purposes. I think this should be similar in your country. I do not know SuSE Firewall, but I guess it cannot be compared with $100.000+ systems (I would expect unneeded tools on the CD and so on, but as long as the requirements are not clear defined...). oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
* Alejandro Lengua - Virtual Orbis (alengua@virtual-orbis.net) [020515 19:56]:
I have been told that Suse Firewall comes with a sort of "hack-proof" warranty, so if someone hacks you, they will provide you with a new firewall customized for you..
I've never seen any software that came with warranty.
I need to prepare a quote for a company that have a close relationship with a local government agency, and they need a sort of "disclaimer" or "warranty" for the firewall. I know that almost no company gives such papers, but just wanted to know if someone here had ever dealed with such a problem.
On the contrary, most software comes with a disclaimer that it's not even guaranteed to work for it's advertised purpose. -- -ckm
On Thu, May 16, 2002 at 11:04 -0700, Christopher Mahmood wrote:
* Alejandro Lengua - Virtual Orbis (alengua@virtual-orbis.net) [020515 19:56]:
I have been told that Suse Firewall comes with a sort of "hack-proof" warranty, so if someone hacks you, they will provide you with a new firewall customized for you..
I've never seen any software that came with warranty.
Huh? Didn't we recently have one of these regularly scheduled DJBware threads? Yes, there is such a thing like warranted functionality and features. It's just that it's not too popular a thing and gets shouted down by "oh, they are soooo different and support is hard to find -- I stick with what I did before and know about ...". Most people insist in repeating others' failures. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
* Gerhard Sittig (Gerhard.Sittig@gmx.net) [020516 13:16]:
Huh? Didn't we recently have one of these regularly scheduled DJBware threads?
Well, yes OK. I almost wrote "with exception of DJB..." but didn't want to start another thread like that. DJB's guarantee is maybe better described as a $500 reward for finding holes. -- -ckm
On Thu, May 16, 2002 at 14:18 -0700, Christopher Mahmood wrote:
* Gerhard Sittig (Gerhard.Sittig@gmx.net) [020516 13:16]:
Huh? Didn't we recently have one of these regularly scheduled DJBware threads?
Well, yes OK. I almost wrote "with exception of DJB..." but didn't want to start another thread like that.
DJB's guarantee is maybe better described as a $500 reward for finding holes.
If this is not a warranty, how else would you define one? Not only do you get back all the money you invested ($0 for the software) but on top you get even more (the reward for finding the hole, paid out of DJB's own pockets). And -- what hasn't been mentioned above -- the author assures you that the tools work as designed and announced if you use what the author released and install it in the way the author told you to. This is IMHO an adequate request for the provided service. (BTW: SuSE wouldn't like to support anything the user modified either, would they? Let's not talk about taking responsibility for things which are not under your control ... Modifying source code and locations probably voids your support request as well as throwing switches in delivered sources (the kernel) makes the user responsible for his own action. And I'm sure SuSE wouldn't like to have a publisher grab their distro, manipulate it, tack it to a newspaper and still call it a SuSE distro while things might not work and it's not SuSE's fault at all.) Admittedly a warranty doesn't make bugs and problems go away magically. But when a vendor writes "there is no problem within the software and I'm so certain about it that I state this publically and return (and add) money in case I'm wrong" does it reflect the vendor's position (commitment) towards his product and raises your faith. And when the vendor is held responsible for being wrong, he will make sure it happens rarely or not at all. The above warranty is not a "best effort" statement. I'm not saying that software automatically is crap when there's no warranty coming with it. But I'm easier using software which is accompanied by one. Especially in the sensitive environment we are talking about. virtually yours 82D1 9B9C 01DC 4FB4 D7B4 61BE 3F49 4F77 72DE DA76 Gerhard Sittig true | mail -s "get gpg key" Gerhard.Sittig@gmx.net -- If you don't understand or are scared by any of the above ask your parents or an adult to help you.
participants (5)
-
Alejandro Lengua - Virtual Orbis
-
Christopher Mahmood
-
Gerhard Sittig
-
Peer Stefan
-
Steffen Dettmer