[CS-FSLUG] Networking details #3 -- partly working

FreeSBIE User jerryvb at verizon.net
Thu Dec 9 06:30:59 CST 2004 

Ed Hurst wrote:

>Frank Bax wrote:
>  
>
>>At 03:07 PM 12/8/04, Ed Hurst wrote:
>>
>>    
>>
>>>The curious thing is something I've never seen: logging of connections
>>>denied using what looks like my dynamically assigned IP from the ISP.
>>>That is, something between these two machines is attempting to connect
>>>to port 80 on other machines, but looks to be using my temporary IP via
>>>the ethernet interface. That's a whole 'nother mess to look at.
>>>      
>>>
>>There are some virii that attempt to spread this way.  They are trying to 
>>exploit vulnerabilities in IIS using random ip addresses.
>>    
>>
>
>Here's a sample to clarify. The first two lines are what I expected,
>having not found a way to give the XP box permit through my firewall:
>
>Dec  8 14:54:55 thud kernel: ipfw: 1000 Deny UDP 192.168.1.2:1027
>65.90.176.11:53 out via tun0
>Dec  8 14:54:55 thud kernel: ipfw: 1000 Deny UDP 192.168.1.2:1027
>208.23.212.253:53 out via tun0
>
>You'll note the source IP (192.168.1.2) is what I assigned the XP box.
>The destinations are the two DNS servers. They were trying to use the
>'tun0' interface, which is the standard ppp for FreeBSD. These next
>entries puzzled me:
>
>Dec  8 14:55:48 thud kernel: ipfw: 1000 Deny TCP 208.31.95.146:55781
>216.154.201.125:80 out via tun0
>Dec  8 14:55:56 thud kernel: ipfw: 1000 Deny TCP 208.31.95.146:57640
>216.154.201.125:80 out via tun0
>Dec  8 14:55:58 thud kernel: ipfw: 1000 Deny TCP 208.31.95.146:58297
>216.154.201.125:80 out via tun0
>
>At that moment, IP 208.31.95.146 was the dynamically assigned addy from
>my ISP. The ports used were way up there. The destination is unknown to
>me. Doing a 'whois' didn't give me much to go on, nor anything I
>recognized offhand. Something on her machine grabbed the IP I was given,
>and tried to use it.
>
>Any ideas?
>
>  
>
Hey Ed,
I don't know where you are on your networking problem, but I just 
discovered this:
http://www.freesbie.org/

It's a FreeBSD live CD distribution. I'm composing this email on it 
right now! I d'nld the iso, burnt it, booted it, and Voila! I'm running 
FreeBSD! I know you use dialup, so if you like I can burn you a cd and 
snail mail it to ya. Is there any config files I could email to you? My 
setup is:

my box ->LinkSys Router ->Westell DSL modem -> Internet

I know it's not the same as yours, but something might help you.

God bless,
Jerry

More information about the Christiansource mailing list