Hello,
Is the bootp coming from your internal net? Do you use DHCP? This uses
bootp, I filter out all broadcasts before it gets to my internal firewall
interface. External I allow only the protocol I want and bin the rest via
access list policy routing on cisco's hence my firewall as less to deal
with.
Gary
-----Original Message-----
From: Hal Dorsman [mailto:[EMAIL PROTECTED]]
Sent: 16 August 2000 15:01
To: '[EMAIL PROTECTED]';
[EMAIL PROTECTED]
Subject: RE: [FW1] Locate bootp device.
Greetings:
I have a rule with the source a group I created called
"garbage". In it I put various noisy protocols I can't
do anything about, like bootp, NBT, rip broadcasts etc..
I put this rule at the top of my rulebase, and set it
to no logging. This does not solve the problem of garbage
eating up bandwidth, but if that is not an issue, at least
you keep them out of your logs.
Hal
Hal Dorsman
Data Network Engineer
Blackfoot Telephone Cooperative
Missoula, Montana, USA
[EMAIL PROTECTED]
(406) 541-5106
-----Original Message-----
From: Frank Darden [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 16, 2000 7:39 AM
To: '[EMAIL PROTECTED]';
[EMAIL PROTECTED]
Subject: RE: [FW1] Locate bootp device.
ues a sniffer.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 16, 2000 8:20 AM
To: [EMAIL PROTECTED]
Subject: [FW1] Locate bootp device.
Hi,
My firewall-1 (4.1 on NT4.0) has been getting loads of bootp requests which
are
filling up the logs.
How can I locate the device they are coming from? The requests are
internal as
they are being logged on thre internal interface, however, not even the MAC
address is being logged. If I could get the MAC address I could locate the
device. How can I do this?
Thanks.
Jim.
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
*******************************************************************************************************
Any opinions expressed in the email are those of the individual and not necessarily the
City Of Salford. This email and any files transmitted with it are confidential and
solely for the use of the intended recipient.
It may contain material protected by solicitor-client privilege. If you are not the
intended recipient or the person responsible for delivering to the intended recipient,
be advised that you have received this email in error and that any use is strictly
prohibited. If you have received this email in error please notify the IT Help Desk by
telephone on +44 (0) 1617933993.
********************************************************************************************************
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
