[CentOS] OT: what are all these probes from my firewall log????
Devin Reade
gdr at gno.org
Sat Aug 18 03:18:01 UTC 2012
fred smith <fredex at fcshome.stoneham.ma.us> wrote:
> On Thu, Aug 16, 2012 at 09:20:52PM -0700, John R Pierce wrote:
>> this is on your eth0 side, I'm assuming thats the WAN side of your
>> firewall/gateway ? if so, then yes, I imagine its something at your
>> ISP, you might ask them what these are.
>
> Yup, that's the WAN side of the router. I'll go yell at them, probably
> tomorrow.
I wouldn't bother.
Depending on the demarc equipment used by your ISP and how they have
their network configured, you can wind up seeing this kind of crap
and there's bugger-all that you can do about it
For example, with a cable modem, your assigned upstream segment
might be network-A, but other people in your neighborhood might be
on network-B, both serviced by the same RF carrier. You shouldn't
see unicast traffic for your neighbors, but you could very well see
broadcast (and dhcp is the most likely culprit). I know of a
particular case where the ISP will assign statics out of one pool,
dynamic IPs out of the other pool, a single modem will service
machines out of both pools, and therefore you also see broadcast
out of both pools.
This isn't specific to cable. With both cable and DSL providers
I've seen both the only-see-your-own-traffic situation and the
see-your-neighbors-broadcast situation. It all depends on the
equipment and the configuration. And when I mean configuration,
I'm talking about for everyone in your node, if not for your
whole city. So it's unlikely that your ISP will change it just
for you.
But if you still want to call them, fill your boots ...
Devin
--
He is a prime candidate for natural deselection.
More information about the CentOS
mailing list