[logs] strange udp packets

From: Bernhardi, Brett (brett.bernhardiat_private)
Date: Wed May 22 2002 - 08:53:38 PDT

Next message: Alexandre Dulaunoy: "Re: [logs] strange udp packets"

Previous message: Ganu Skop: "[logs] apache logging"
Next in thread: Alexandre Dulaunoy: "Re: [logs] strange udp packets"
Reply: Alexandre Dulaunoy: "Re: [logs] strange udp packets"
Reply: Eric Mauricio: "Re: [logs] strange udp packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


	I've been getting these packets every couple of minutes or so,
	and was wondering if someone could explain what is going on to me.
	eth0 is my internet-connected interface, with a 66.66.x.y address.
	24.92.226.16 is syrcnydhcp03-hme0.nyroc.rr.com.
	I have no idea what isrrip1bw1.bin is.

	thanks in advance for any help..

	this is what showed up in my log file:

May 22 11:07:01 opiate kernel: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:b0:64:b7:93:54:08:00 SRC=10.108.112.1
DST=255.255.255.255 LEN=346 TOS=0x00 PREC=0x00 TTL=255 ID=62260
PROTO=UDP SPT=67 DPT=68 LEN=326

May 22 11:08:05 opiate kernel: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:b0:64:b7:93:54:08:00 SRC=10.108.112.1
DST=255.255.255.255 LEN=346 TOS=0x00 PREC=0x00 TTL=255 ID=62324
PROTO=UDP SPT=67 DPT=68 LEN=326

May 22 11:09:09 opiate kernel: IN=eth0 OUT=
MAC=ff:ff:ff:ff:ff:ff:00:b0:64:b7:93:54:08:00 SRC=10.108.112.1
DST=255.255.255.255 LEN=346 TOS=0x00 PREC=0x00 TTL=255 ID=62365
PROTO=UDP SPT=67 DPT=68 LEN=326

	
	this is the tcpdump output:

11:07:01.335182 B 10.108.112.1.bootps > 255.255.255.255.bootpc:
xid:0x88143c7e Y:10.108.121.141 S:24.92.226.16 G:10.108.112.1 ether
0:80:37:ba:2:8b file "isrrip1bw1.bin" vend-rfc1048 T53:2 T54:283270168
T51:3593013504 SM:255.255.240.0 TZ:3234332671 DG:10.108.112.1
TS:24.92.226.16 LOG:0.0.0.0
T67:29545,29298,28777,25137,12663,25134,28265 (ttl 255, id 62260)

11:08:05.340916 B 10.108.112.1.bootps > 255.255.255.255.bootpc:
xid:0xbffaf9e4 Y:10.108.121.141 S:24.92.226.16 G:10.108.112.1 ether
0:80:37:ba:2:8b file "isrrip1bw1.bin" vend-rfc1048 T53:2 T54:283270168
T51:2502494464 SM:255.255.240.0 TZ:3234332671 DG:10.108.112.1
TS:24.92.226.16 LOG:0.0.0.0
T67:29545,29298,28777,25137,12663,25134,28265 (ttl 255, id 62324)

11:09:09.366036 B 10.108.112.1.bootps > 255.255.255.255.bootpc:
xid:0x2baeaa3a Y:10.108.121.141 S:24.92.226.16 G:10.108.112.1 ether
0:80:37:ba:2:8b file "isrrip1bw1.bin" vend-rfc1048 T53:2 T54:283270168
T51:1428752640 SM:255.255.240.0 TZ:3234332671 DG:10.108.112.1
TS:24.92.226.16 LOG:0.0.0.0
T67:29545,29298,28777,25137,12663,25134,28265 (ttl 255, id 62365)



-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.0.2i
Comment: You hear maniacal laughter in the distance...

iQA/AwUBPOu9+uB3FYbaQXHDEQJq+wCgzs+VGwwKcPmy5ZkqtXGXDsaIaw4AoNvv
+OSE1KI6XKo8vv7JuUCXC7R6
=DZE2
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: loganalysis-unsubscribeat_private
For additional commands, e-mail: loganalysis-helpat_private

Next message: Alexandre Dulaunoy: "Re: [logs] strange udp packets"
Previous message: Ganu Skop: "[logs] apache logging"
Next in thread: Alexandre Dulaunoy: "Re: [logs] strange udp packets"
Reply: Alexandre Dulaunoy: "Re: [logs] strange udp packets"
Reply: Eric Mauricio: "Re: [logs] strange udp packets"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu May 23 2002 - 23:23:19 PDT