[lug] port 220 progress
jordan at cosmicpenguin.net
Wed Jan 21 19:47:14 MST 2004
On Wed, 21 Jan 2004 19:33:58 -0700
Nate Duehr <nate at natetech.com> wrote:
> You should definitely report this spoofing traffic to your ISP. If
> they were doing proper ingress and egress filtering, you'd never have
> seen that spoofed address from anywhere other than your local LAN.
> They should be aware that their configuration is allowing someone to
> do this using your IP address.
The problem with Comcast is that there are a ton of addresses behind
the router on a number of truely shared networks. My traffic
light is almost always blipping with ARP and DHCP requests, not to
mention the almost constant probing. I used to log all attempted
accesses (which are dropped at the firewall), but I stopped just because
there got to be too many. Its just a ugly network full of malicous
folks, and it all happens behind Comcast's back, so to speak.
** No penguins were harmed in the making of this message
More information about the LUG