hi roman,
but what about the internal-ip-range 192.168.0.x coming on my outbound-if?! shouldn't this ip has been masqueraded?! i thought about a specific ip-spoofing attack.
bye,
daniel
Well, it looks as if the packet indeed came from the outside. In which
case somebody somehow didn't get his masquerading rules set up and used
the 192.168 address as source IP for packets to the outside.
This is not forbidden. It's just that there's no way for some packet to
get back to the sender because routers shouldn't have a route for the
192.168 network. Sometimes it happens that some router (seen it in German
university networks sometimes) annouces a route for the private networks.
You can be sure that the admins enjoy themselves with all the mail that
comes in from people making fun of them. :-)
Roman.
--
- -
| Roman Drahtmüller