Jonathan G. Lampe
jonathan at stdnet.com
Tue Oct 1 21:51:15 GMT 2002
Hi. I think you need to state the "destination" UDP port as well. My
suspicion is that *YOU* are causing the ping by sending out a packet from
UDP port 1026 to UDP port ???. (Maybe a time server on port 123?) I am
suspicious because 1026 is very close to 1024, the magic number at which
the "high port range" begins.
(In particular, I've seen Cisco's firewall feature set fail to log outbound
UDP packets which cause incoming UDP packets to come from the same machine
with two IP addresses...again, a time server situation...someone was
serving up time on one IP but sending the packets back with another IP
At 12:52 PM 9/29/2002, you wrote:
> > I'm new to the list, and just joined out of curiosity because I
> keep getting 'pinged', some I've trace on Neo Trace. This one
> was strange because it couldn't find who it was. Any ideas/help? This
> was the number 184.108.40.206 UDP Port 1026 Thanks! Karen
>OrgName: PaeTec Communications, Inc.
>OrgID: PAET NetRange: 220.127.116.11 - 18.104.22.168
>NetType: Direct Allocation
>Updated: 2002-06-18 TechHandle: IP43-ARIN
>TechName: PaeTec Communications, Inc.
>TechEmail: ipadmin at paetec.com OrgTechHandle: IP43-ARIN
>OrgTechName: PaeTec Communications, Inc.
>OrgTechEmail: ipadmin at paetec.com
>Dshield mailing list
>Dshield at dshield.org
>To change your subscription options (or unsubscribe), see:
More information about the list