On Wednesday, Oct 22, 2003, Soren wrote: "It probably means that the system at 166.70.4.80 is pinging the broadcast address of your network. This isn't really a problem. This host is just
a) trying to find which hosts are on the network b) trying to find a network that can act as a ping amplifier for a DDoS attack" I called my isp (XMission) and asked them what it meant. Tech said, "the ip belonged to one of their DSL cards which sends out keep-alive packets periodically." "But isn't the router supposed to not pass those packets on to the hosts inside the network behind the router?" says I. "yes," says Tech. "But this only started today." says I. "Have you changed the configuration of the network recently, like mapped any ports to systems on the local network?" asks the Tech. "No," says I. "So why did this start happening all of a sudden?" Tech didn't know. Well thats the jist of the conversation. I'm running a Cisco 678 router from qwest using routing mode and NAT with inside network address of 10.0.0.1. It is my understanding that ip addresses starting with 10 are non-routable and in a way provide a little more security. I'm not sure what it all means, but I'm going to reflash the router with the newest cbos software tomarrow. Thane -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Soren Harward Sent: Wednesday, October 22, 2003 3:09 PM To: BYU Unix Users Group Subject: Re: [uug] <ip addr> sent an invalid ICMP error to a broadcast On Wed 22 Oct 2003 at 14:55:36, Thane Andersen said: > "166.70.4.80 sent an invalid ICMP error to a broadcast." What does this > mean and how do I fix it? The specified IP address is not an address I use > on my machine or anywhere on my local network. It probably means that the system at 166.70.4.80 is pinging the broadcast address of your network. This isn't really a problem. This host is just a) trying to find which hosts are on the network b) trying to find a network that can act as a ping amplifier for a DDoS attack As long as nothing on your LAN responds to the ping, then you don't have any problems. The message is just a warning. -- Soren Harward [EMAIL PROTECTED] ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list ____________________ BYU Unix Users Group http://uug.byu.edu/ ___________________________________________________________________ List Info: http://uug.byu.edu/cgi-bin/mailman/listinfo/uug-list
