Dear Bryan,
The IP protocol 54 is NBMA Next Hop Resolution Protocol, this protocol is
used to find out tyhe shortest way between two points and is used by some
routing protocol, I am not sure, maybe the OSPF or something similar.
We got regular calls here using this protocol, but do not allow it to pass
our firewall. This obviously means that the calls cannot complete their
task - to find out the shortest way to reach our services to the Internet.
And I should like a discussion on this IP protocol to find out if there are
some advantages to us to allow it or if it can act as an entry of misuse to
map our site, thus possibly generating information to penetrate our site.
Comments are apperciated!
regards / Axel
> -----Ursprungligt meddelande-----
> Fr�n: Bryan Andersen [SMTP:[EMAIL PROTECTED]]
> Skickat: den 24 mars 2000 09:30
> Till: firewalls
> �mne: Portocal 54
>
>
> Protocal 54, NARP, NBMA Address Resolution Protocol (RFC1735),
> who's using it?
>
> I bounce a few packets for it every month. Here are a the ones that
> bounced earlier tonight. They came in as part of a page request to
> my web server, but didn't come in at the beginning as I would expect
> for an address resolution protocal. They came in the middle to end
> of the web page get transaction. The same goes for the ones I bounced
> last month.
>
> 21:03:08.572230 199.77.145.141 > 208.42.22.17: ip-proto-54 44 (ttl 18,
> id 0, optlen=4 IPOPT-148{4})
> 21:03:17.189441 199.77.145.141 > 208.42.22.17: ip-proto-54 44 (ttl 18,
> id 0, optlen=4 IPOPT-148{4})
> 21:03:26.997812 199.77.145.141 > 208.42.22.17: ip-proto-54 44 (ttl 18,
> id 0, optlen=4 IPOPT-148{4})
>
>
> --
> | Bryan Andersen | [EMAIL PROTECTED] | http://softail.visi.com |
> | Buzzwords are like annoying little flies that deserve to be swatted. |
> | -Bryan Andersen |
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
