All: Thanks to Gary & Ryan. Turns out a machine that dials up to our network has his NIC set to 192.50.50.51 (I have sent him a copy of RFC 1918!). When the Outlook client tells Exchange his address, apparently all addresses are included and Exchange doesn't bother checking the source address (turn this over to vul-dev :-)). So, that is why the Exchange server sends the UDP packets to the bizarre address. Many thanks to the Ethereal team too! If anyone wants to see the traffic sample, let me know. -Tony ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Oct 26 2001 - 15:26:35 PDT