
BLU Discuss list archive


Linksys BEFSR41v4: When is a firewall not a firewall?

Tom Metro-16 wrote:
> Don Levey wrote:
>> Why are these attempts getting past the Linksys in the first place, and
>> How are they being directed to this one machine?
> Is the target machine running a protocol that makes outbound UDP 
> connections on random ports? DNS perhaps?
> UDP is not stateful, and once your router sets up a NAT table entry for 
> the outbound packet, it may not be restricting the source IP of the
> replies.
> (Some VPNs take advantage of an aspect of this to accomplish NAT 
> traversal...

Don, can you afford to shut everything down and run the target machine with
no outbound packets allowed for a day or so and see if the problem goes
away? If it does, then yes, as Tom suggests, some outbound pseudo-connection
over UDP is opening up a path back in. (This was my first thought as well.)
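
An added example, not part of the thread: a Python check for the hypothesis discussed above, run over UDP traffic captured on the LAN side of the router. It separates genuine replies from packets sent by a stranger to a port the target machine recently used for outbound UDP. The host address 192.168.1.10, the 60-second mapping timeout and the sample lines (modelled on `tcpdump -n -tt udp` output) are assumptions made for illustration.

```python
import re

# Constructed sample in the style of `tcpdump -n -tt udp`, LAN side of the router.
# 192.168.1.10 is an assumed address for the target; peers use documentation ranges.
SAMPLE = """\
1000.0 IP 192.168.1.10.40000 > 203.0.113.53.53: UDP, length 40
1000.1 IP 203.0.113.53.53 > 192.168.1.10.40000: UDP, length 120
1005.0 IP 198.51.100.7.31337 > 192.168.1.10.40000: UDP, length 64
1200.0 IP 198.51.100.7.31337 > 192.168.1.10.40000: UDP, length 64
1201.0 IP 198.51.100.9.4444 > 192.168.1.10.1026: UDP, length 300
"""

LINE = re.compile(
    r"^(\d+(?:\.\d+)?) IP (\d+(?:\.\d+){3})\.(\d+) > (\d+(?:\.\d+){3})\.(\d+):")

def classify_inbound(capture, host, timeout=60.0):
    """Return (time, source, local_port, verdict) for each UDP packet sent to host."""
    sent = {}       # (local_port, remote_ip, remote_port) -> last time host sent there
    port_used = {}  # local_port -> last time host sent anything from that port
    never = float("-inf")
    results = []
    for line in capture.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts, sip, sport, dip, dport = float(m[1]), m[2], int(m[3]), m[4], int(m[5])
        if sip == host:
            # Outbound packet: this is what creates or refreshes a NAT table entry.
            sent[(sport, dip, dport)] = ts
            port_used[sport] = ts
        elif dip == host:
            if ts - sent.get((dport, sip, sport), never) <= timeout:
                verdict = "reply"               # peer the host itself contacted
            elif ts - port_used.get(dport, never) <= timeout:
                verdict = "rides-open-mapping"  # stranger reusing a live mapping
            else:
                verdict = "no-recent-outbound"  # not explained by outbound UDP
            results.append((ts, f"{sip}:{sport}", dport, verdict))
    return results

if __name__ == "__main__":
    for row in classify_inbound(SAMPLE, "192.168.1.10"):
        print(*row)
```

Packets marked `rides-open-mapping` are consistent with the router not restricting the source of replies; packets marked `no-recent-outbound` reached the machine without any recent outbound UDP from that port and need a different explanation.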


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.
