> The first obvious thing is that this is a broadcast
> packet, just by looking at the source MAC address
> (ff:ff:ff:ff:ff:ff). What OS is the machine with
> MAC 00:06:25:2a:72:d1 running?
How do I find out the MAC address on a PC? In any
case, all of my PCs (apart from my linux box) are all
running XP Pro.
> Also, maybe you have something like this set
> somewhere in your startup scripts (could be set
> with sysctl too):
How do I check to see if that's the case. btw, this
is the contents of my sysctl.conf file:
-----------
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See
sysctl(8) for
# more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 0
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Controls the System Request debugging functionality
of the kernel
kernel.sysrq = 0
# Controls whether core dumps will append the PID to
the core filename.
# Useful for debugging multi-threaded applications.
-----------
> # Log spoofed packets, source routed packets,
> redirect packets.
> /bin/echo "1" >
> /proc/sys/net/ipv4/conf/all/log_martians
What is the above doing, exactly? What is "1"? Where
do I put the above command? Running it at the prompt
didn't seem to do anything.
> If you are using iptables,
I am.
> I found the following page to be a useful reference
> for reading the logs:
I'll check it out, thanks.
> Some more info, especially log entries from
> netfilter would help.
Where do I find the netfilter log? Doing a locate on
"netfilter" just turned up source files.
thnx,
Chris
__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/
___________________
Nolug mailing list
nolug@nolug.org
Received on 11/29/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST