Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: Re: Denied Packets?



On 08/27/2010 12:47 AM, Tom Metro wrote:
> Chris Ampenberger wrote:
>  =20
>> Denied 514 packets on interface eth0
>>    From 24.126.108.211 - 3 packets to udp(15974)=20
>>    From 71.10.172.122 - 3 packets to udp(15974)=20
>>    From 72.18.205.156 - 1 packet to udp(38229)=20
>>    From 149.20.54.20 - 1 packet to udp(35103)=20
>>    From 169.229.70.201 - 1 packet to udp(36554)=20
>>
>> I noticed the following denied packet messages in logwatch today. All =
of
>> these are outside my home network and I wonder how they even got throu=
gh
>> the Linksys WRT654G router.=20
>>    =20
> UDP is stateless, so if a machine on your LAN sends out a UDP packet on=

> port 15974, most NAT routers will pass through any reply directed at
> that port. (Some NAT traversal technologies take advantage of this by
> having both ends - each behind a NAT router - fire packets at each othe=
r.)
>
>
>  =20
>> The IP addresses are from all over the place - comcast, freeip, charte=
r,
>> Germany, Denmark,=20
>>    =20
> Not unexpected if your UDP application was something like a BitTorrent
> client.
>
>  -Tom
>
>  =20
Hmm. Thanks for the explanation. I'm still a bit puzzled, because there
shouldn't be anything UDP except samba and ntp, certainly not a
BitTorrent client. I guess I have to do some more digging.











BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org