Denied Packets?
Tom Metro
tmetro-blu-5a1Jt6qxUNc at public.gmane.org
Fri Aug 27 00:47:11 EDT 2010
Chris Ampenberger wrote:
> Denied 514 packets on interface eth0
> From 24.126.108.211 - 3 packets to udp(15974)
> From 71.10.172.122 - 3 packets to udp(15974)
> From 72.18.205.156 - 1 packet to udp(38229)
> From 149.20.54.20 - 1 packet to udp(35103)
> From 169.229.70.201 - 1 packet to udp(36554)
>
> I noticed the following denied packet messages in logwatch today. All of
> these are outside my home network and I wonder how they even got through
> the Linksys WRT654G router.
UDP is stateless, so if a machine on your LAN sends out a UDP packet on
port 15974, most NAT routers will pass through any reply directed at
that port. (Some NAT traversal technologies take advantage of this by
having both ends - each behind a NAT router - fire packets at each other.)
> The IP addresses are from all over the place - comcast, freeip, charter,
> Germany, Denmark,
Not unexpected if your UDP application was something like a BitTorrent
client.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list