Re: [suse-security] Problems with rules of anti spoofing
20 Nov
2002
20 Nov
'02
10:56
On 19 Nov 2002, Fabio Sena wrote:
Nov 19 14:31:10 fwpro kernel: SuSE-FW-DROP-ANTI-SPOOF IN=ppp0 OUT= MAC= SRC=10.10.40.251 DST=255.255.255.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=1185 PROTO=UDP SPT=138 DPT=138 LEN=209 Nov 19 14:31:10 fwpro kernel: SuSE-FW-DROP-ANTI-SPOOF IN=ppp0 OUT= MAC= SRC=10.10.40.251 DST=255.255.255.255 LEN=229 TOS=0x00 PREC=0x00 TTL=128 ID=1185 PROTO=UDP SPT=137 DPT=137 LEN=209
there is nothing special. After you've authentificated successful, the remote server send NetBIOS broadcasts (you know: Network Neighborhood etc.). If you allow that your host will be listed there, allow these ports, otherwise it might be wise to just reject but not log them. Achim
8079
Age (days ago)
8079
Last active (days ago)
0 comments
1 participants
participants (1)
-
Achim Hoffmann