[Bug 12385] lo0 loopback device not activated by default

bugzilla-daemon Tue, 10 Jan 2006 19:15:52 -0800

Please do not reply to this email.  You can add comments at
http://bugzilla.ubuntu.com/show_bug.cgi?id=12385
Ubuntu | ifupdown






------- Additional Comments From [EMAIL PROTECTED]  2006-01-11 03:15 UTC -------
(In reply to comment #1)
> In Debian and Ubuntu the loopback interface is named 'lo'.
> 
> Make sure that you have the following lines in /etc/network/interfaces
> 
> auto lo
> iface lo inet loopback

I think there may be a problem with lo. I installed ubuntu breezy on an hp
nc6220 laptop and frequently 
had the problem that after I would login to the window manager, the screen would
be blank. I could switch to 
a terminal but no X stuff worked. I changed to the 
kubuntu desktop and noticed then that X "got over" it after quite a while,
something like 10 minutes. Then the 
desktop items would appear. This turned
out to only happen if the wired network cable was plugged in when the machine
booted. (but I don't have a wireless access point
so that was equivalent to no network). Ok the really interesting
thing was I plugged the laptop in at work where I am also running snort. At the
same time that the laptop was
doing it's invisible X routine, snort logged a lot of complaints about "bad
traffic" coming from the network 
to the loopback address 127.0.0.1. The mac address and the dhcp assigned IP
number of laptop matched the sources logged by snort.
 I am enclosing a sample below. (snort is capable of imagining things so this
needs to be confirmed.)

Ok but worse than that, I had another machine on the network running ubuntu
breezy, a desktop machine. That machine
did not have the X problem. But during that time frame that snort was
complaining about loopback traffic from
the network, the ubuntu machine locked up with all kinds of horizontal lines
messing up the screen. Now I can't believe that
any os would be vulnerable to loopback traffic from the network because that's a
real old exploit and to top
it off I was running firestarter on there. but that did happen, coincidentally I
hope. 
Looking at the laptop's /etc/network/interfaces it defined lo but it did not
have a line "auto lo". I added 
that and we'll see if that fixes the X problem. I will check the desktop machine
that crashed tomorrow to see
if it had a problem with lo also. 

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:50.082342 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23247 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294782884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:50.082342 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23247 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294782884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:53.081812 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23249 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294785884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:53.081812 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23249 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294785884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:59.081019 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23251 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294791884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:27:59.081019 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23251 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294791884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:11.079467 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23253 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294803884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:11.079467 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23253 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294803884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:17.873273 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43258 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294810678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:17.873273 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43258 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294810678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:20.872121 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43260 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294813678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:20.872121 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43260 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294813678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:26.871361 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43262 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294819678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:26.871361 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43262 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294819678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:35.076267 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23255 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294827884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:35.076267 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23255 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294827884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:38.869756 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43264 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294831678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:28:38.869756 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43264 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294831678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:02.866574 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43266 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294855678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:02.866574 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43266 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294855678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:23.069880 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23257 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294875884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:23.069880 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:50243 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:23257 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x7700756B  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294875884 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:50.860195 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43268 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294903678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:29:50.860195 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:46627 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:43268 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x787734CC  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294903678 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:26.892612 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46388 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 32427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:26.892612 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46388 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 32427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:29.891988 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46390 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 35427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:29.891988 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46390 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 35427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:35.891215 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46392 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 41427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:35.891215 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46392 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 41427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:47.889591 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46394 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 53427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:31:47.889591 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46394 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 53427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:32:11.869481 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46396 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 77427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:32:11.869481 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46396 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 77427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:32:59.863115 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46398 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 125427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-17:32:59.863115 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:38794 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:46398 IpLen:20 
DgmLen:60 DF
******S* Seq: 0x84D2CB9F  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 125427 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:31.298994 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7287 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294777535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:31.298994 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7287 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294777535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:34.297751 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7289 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294780535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:34.297751 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7289 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294780535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:40.296951 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7291 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294786535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:40.296951 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7291 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294786535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:52.295345 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7293 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294798535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:52.295345 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7293 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294798535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:55.015143 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7895 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294801255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:55.015143 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7895 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294801255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:58.010642 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7897 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294804255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:58:58.010642 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7897 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294804255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:03.987361 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7899 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294810255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:03.987361 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7899 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294810255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:15.985765 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7901 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294822255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:15.985765 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7901 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294822255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:16.265712 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7295 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294822535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:16.265712 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7295 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294822535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:39.982541 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7903 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294846255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-18:59:39.982541 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7903 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294846255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-19:00:04.259251 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7297 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294870535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-19:00:04.259251 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:36670 -> 127.0.0.1:50000 TCP TTL:64 TOS:0x0 ID:7297 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBB3A06C8  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294870535 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [1:528:5] BAD-TRAFFIC loopback traffic [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-19:00:27.976105 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7905 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294894255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

[**] [116:150:1] (snort decoder) Bad Traffic Loopback IP [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/10-19:00:27.976105 0:14:C2:DB:CB:51 -> 0:11:5D:A1:3:FC type:0x800 len:0x4A
censored:53158 -> 127.0.0.1:16001 TCP TTL:64 TOS:0x0 ID:7905 IpLen:20 DgmLen:60 
DF
******S* Seq: 0xBD3D69B0  Ack: 0x0  Win: 0x16D0  TcpLen: 40
TCP Options (5) => MSS: 1460 SackOK TS: 4294894255 0 NOP WS: 2
[Xref => http://rr.sans.org/firewall/egress.php]

-- 
Configure bugmail: http://bugzilla.ubuntu.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.

--
kubuntu-bugs mailing list
[email protected]
http://lists.ubuntu.com/mailman/listinfo/kubuntu-bugs

[Bug 12385] lo0 loopback device not activated by default

Reply via email to