Mailinglist Archive: opensuse (1445 mails)

< Previous Next >
Re: [opensuse] Unusual traffic through eth0
On 12/03/12 09:54, Per Jessen wrote:
Bob Williams wrote:

Last night, I noticed a regular pattern of blips in gkrellm's eth0
monitor. There were no internet active programs, such as e-mail or web
browser running, so I started Wireshark to see what was happening.

Apart from the expected chatter between this machine and the router,
the following two lines repeated over and over, and it is continuing
on rebooting the machine this morning:

Source Destination Protocol Info
217.14.132.183 192.168.1.14 SIP Status: 100 Trying (0
bindings)
217.14.132.183 192.168.1.14 SIP Status: 401
Unauthorized (0 bindings)

Is this entirely innocent, or should I contact abuse@Domainmaster (see
below)?

Perhaps not entirely innocent (SIP attempts for VoIP), but I would have
thought your firewall should be blocking such traffic?


Really? I do run skype from time to time, and have tried out ekiga, so
maybe the SIP protocol is allowed. The only services I have explicitly
allowed in YaST Firewall Configuration are Rsync server, Secure Shell
server and xntp server.

All the above traffic seems to be one way, in other words, I never see
my machine sending a reply, I am always the destination, never the source.

Thanks for your help.

Bob
--
Bob Williams
System: Linux 3.1.9-1.4-desktop
Distro: openSUSE 12.1 (x86_64) with KDE Development Platform: 4.7.2
(4.7.2) "release 5"
Uptime: 18:00pm up 5 days 0:29, 3 users, load average: 0.23, 0.15, 0.14
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups