Hey,
Got another one for y'all. Port 67 on UDP seems to be the bootstrap
protocol. This was reported coming into my external firewall interface.
> (1) May 22 15:22:25 router 25 deny: UDP from 0.0.0.0.1029 to 255.255.255.255.67
> (1) May 22 15:22:27 router 25 deny: UDP from 0.0.0.0.1030 to 255.255.255.255.67
> (1) May 22 15:22:30 router 25 deny: UDP from 0.0.0.0.1031 to 255.255.255.255.67
> (1) May 22 15:22:32 router 25 deny: UDP from 0.0.0.0.1032 to 255.255.255.255.67
> (1) May 22 15:22:35 router 25 deny: UDP from 0.0.0.0.1033 to 255.255.255.255.67
Am I right in thinking that this might be some misconfigured client
outside the firewall? The thing that bugs me here is the lack
of routable IP on the return address.
I like being able to report on these kinds of things, but I wouldn't
know where to go with this, except my upstream ISP.
Thanks,
Joshua
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
