Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Denied Packets?



Chris Ampenberger wrote:
> Denied 514 packets on interface eth0
>    From 24.126.108.211 - 3 packets to udp(15974) 
>    From 71.10.172.122 - 3 packets to udp(15974) 
>    From 72.18.205.156 - 1 packet to udp(38229) 
>    From 149.20.54.20 - 1 packet to udp(35103) 
>    From 169.229.70.201 - 1 packet to udp(36554) 
>
> I noticed the following denied packet messages in logwatch today. All of
> these are outside my home network and I wonder how they even got through
> the Linksys WRT654G router. 

UDP is stateless, so if a machine on your LAN sends out a UDP packet on
port 15974, most NAT routers will pass through any reply directed at
that port. (Some NAT traversal technologies take advantage of this by
having both ends - each behind a NAT router - fire packets at each other.)


> The IP addresses are from all over the place - comcast, freeip, charter,
> Germany, Denmark, 

Not unexpected if your UDP application was something like a BitTorrent
client.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/






BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org