Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] request for help with log entries
  • From: "Thorsten Marquardt" <thom@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 7 Dec 2001 12:23:19 +0000 (MEST)
  • Message-id: <200112071223.MAA17289@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Hi,

Ray wrote:
>
> On Wed 05 Dec 01 18:21, Wieland Gmeiner wrote:
> > Dear list!
> >
> > I can't figure out the meaning of entries in
> > /var/log/firewall :
> > [...]
> > Dec 5 00:20:07 w1 kernel: SuSE-FW-UNALLOWED-TARGETIN=eth0 OUT=
> > MAC=01:00:5e:00:00:01:00:20:40:e5:b4:35:08:00 SRC=192.168.100.1
[...]
> > Dec 5 00:44:07 w1 kernel: SuSE-FW-UNALLOWED-TARGETIN=eth0 OUT=
> > MAC=01:00:5e:00:00:01:00:20:40:e5:b4:35:08:00 SRC=192.168.100.1
> > DST=224.0.0.1 LEN=28 TOS=0x00 PREC=0xC0 TTL=1 ID=0 PROTO=2
> > [...]
> >
> It seems like your machine at 192.168.100.1 is trying to contact machine at
> 224.0.0.1 and is being denied by the firewall.
>
since I saw similar requests comming from 3Com SuperStack Switches I wonder what
they are good for. These Switches are configuerd to be administrated via IP and
have no administrator password set by default. I think this is a serios security
problem if sutch switches are directly connected to the internet.

Yours Thom

--

-------------------------------------------------------------------
bye bye (c) by Thom | Thorsten Marquardt
| EMail: THOM@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
| Member of the pzt project.
| http://kaupp.chemie.uni-oldenburg.de/pzt
-------------------------------------------------------------------


< Previous Next >
References