
BLU Discuss list archive



Linksys BEFSR41v4: When is a firewall not a firewall?




Tom Metro-16 wrote:
> 
> Don Levey wrote:
>> Why are these attempts getting past the Linksys in the first place, and
>> how are they being directed to this one machine?
> 
> Is the target machine running a protocol that makes outbound UDP 
> connections on random ports? DNS perhaps?
> 
> UDP is not stateful, and once your router sets up a NAT table entry for 
> the outbound packet, it may not be restricting the source IP of the
> replies.
> 
> (Some VPNs take advantage of an aspect of this to accomplish NAT 
> traversal...
> 

Don, can you afford to shut everything down and run the target machine with
no outbound packets allowed for a day or so and see if the problem goes
away? If it does, then yes as Tom suggests, some outbound pseudo-connection
over UDP is opening up a path back in. (This was my first thought as well.)

-- 
View this message in context: http://www.nabble.com/Linksys-BEFSR41v4%3A-When-is-a-firewall-not-a-firewall--tp24702395s24859p24722984.html
Sent from the Boston Linux/UNIX General Discussion List mailing list archive at Nabble.com.
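
An added example, not part of the original thread: one way to check the hypothesis above from a packet capture taken on the target machine. It labels each inbound UDP packet as a reply, as unsolicited traffic riding an open NAT mapping, or as traffic arriving with no mapping at all. The record layout, the sample packets and the 120-second mapping timeout are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample, as seen on the LAN host:
# (timestamp, direction, local_port, remote_ip, remote_port)
# Addresses come from the documentation ranges.
SAMPLE = [
    (0.0, "out", 40001, "192.0.2.53", 53),      # DNS query opens a mapping
    (0.1, "in", 40001, "192.0.2.53", 53),       # the real answer
    (5.0, "in", 40001, "203.0.113.9", 31337),   # different source, same port
    (200.0, "in", 40001, "192.0.2.53", 53),     # arrives after mapping aged out
    (201.0, "in", 40002, "198.51.100.7", 4000), # port the host never used
]

def classify(packets, timeout=120.0):
    """Label inbound UDP packets against the host's own outbound traffic.

    timeout is an assumed NAT mapping lifetime, refreshed by outbound
    packets only; real routers differ.
    """
    last_out = {}             # local_port -> time of last outbound packet
    peers = defaultdict(set)  # local_port -> remote IPs the host sent to
    results = []
    for ts, direction, lport, rip, _rport in sorted(packets):
        if direction == "out":
            # A mapping that already expired starts over with no peers.
            if lport in last_out and ts - last_out[lport] > timeout:
                peers[lport] = set()
            last_out[lport] = ts
            peers[lport].add(rip)
            continue
        if lport not in last_out or ts - last_out[lport] > timeout:
            label = "no-mapping"               # not explained by outbound UDP
        elif rip in peers[lport]:
            label = "reply"                    # expected return traffic
        else:
            label = "unsolicited-via-mapping"  # router did not filter by source
        results.append((ts, lport, rip, label))
    return results

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(row)
```

Packets labelled `unsolicited-via-mapping` support the explanation that the router is not restricting reply sources; packets labelled `no-mapping` that still reach the host point to something else, such as a forwarding rule.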







BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.




Boston Linux & Unix / webmaster@blu.org