[lug] port 220 progress

Jordan Crouse jordan at cosmicpenguin.net
Wed Jan 21 19:47:14 MST 2004

On Wed, 21 Jan 2004 19:33:58 -0700
Nate Duehr <nate at natetech.com> wrote:

> You should definitely report this spoofing traffic to your ISP.  If 
> they were doing proper ingress and egress filtering, you'd never have 
> seen that spoofed address from anywhere other than your local LAN.  
> They should be aware that their configuration is allowing someone to
> do this using your IP address.

The problem with Comcast is that there are a ton of addresses behind
the router on a number of truely shared networks.  My traffic
light is almost always blipping with ARP and DHCP requests, not to
mention the almost constant probing.  I used to log all attempted
accesses (which are dropped at the firewall), but I stopped just because
there got to be too many.  Its just a ugly network full of malicous
folks, and it all happens behind Comcast's back, so to speak.



** No penguins were harmed in the making of this message

More information about the LUG mailing list