Gprs sent and receive random byte. WHY?
Ed Kapitein
ed at kapitein.org
Fri Jun 18 20:34:03 CEST 2010
Hi Shosholoza,
No time to panic, just time to get a new provider ;-)
Why would they send netbios sessions up your ppp link?
Especially when you are neither the sender or receiver of that session.
I think a firewall would be nice to have anyway, but as long as your
provider is sending you garbage, there is little you can do.
( except from complaining to them)
I seriously hope they don't charge you for the traffic you are seeing on
your end of the link!
Other than that, how is your connection? stable, fast?
Kind regards,
Ed
On 06/18/2010 07:47 PM, Shosholoza wrote:
> I reinstalled SHR lite. Now I can start on Gprs with settings -> Connectivity
> but the random sender and receiver of bytes not stopped. I installed tcpdump
> and after few seconds I obtain this:
>
> root at om-gta02 /etc/ppp # tcpdump -v -i ppp0
> tcpdump: listening on ppp0, link-type LINUX_SLL (Linux cooked), capture size
> 68 bytes
> 19:33:06.931371 IP (tos 0x0, ttl 38, id 15160, offset 0, flags [DF], proto
> TCP (6), length 64)
> 217.203.187.236.1276 > 95.75.149.4.netbios-ssn: Flags [S], seq
> 2243638647, win 53760, options [mss 1360,[|tcp]>
> 19:33:06.932024 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
> (6), length 40)
> 95.75.149.4.netbios-ssn > 217.203.187.236.1276: Flags [R.], cksum 0x650e
> (correct), seq 0, ack 2243638648, win 0, length 0
> 19:33:06.956867 IP (tos 0x0, ttl 64, id 20189, offset 0, flags [DF], proto
> UDP (17), length 74)
> 95.75.149.4.47631 > 213.230.129.10.domain: 64069+[|domain]
> 19:33:07.656310 IP (tos 0x0, ttl 241, id 35873, offset 0, flags [DF], proto
> UDP (17), length 134)
> 213.230.129.10.domain > 95.75.149.4.47631: 64069 NXDomain[|domain]
> 19:33:07.660352 IP (tos 0x0, ttl 64, id 20330, offset 0, flags [DF], proto
> UDP (17), length 70)
> 95.75.149.4.57480 > 213.230.129.10.domain: 2568+[|domain]
> 19:33:08.300014 IP (tos 0x0, ttl 241, id 35874, offset 0, flags [DF], proto
> UDP (17), length 130)
> 213.230.129.10.domain > 95.75.149.4.57480: 2568 NXDomain[|domain]
> 19:33:08.319830 IP (tos 0x0, ttl 64, id 20462, offset 0, flags [DF], proto
> UDP (17), length 73)
> 95.75.149.4.58339 > 213.230.129.10.domain: 61714+[|domain]
> 19:33:09.480119 IP (tos 0x0, ttl 241, id 35875, offset 0, flags [DF], proto
> UDP (17), length 132)
> 213.230.129.10.domain > 95.75.149.4.58339: 61714 NXDomain*[|domain]
> 19:33:20.527603 IP (tos 0x0, ttl 119, id 5232, offset 0, flags [DF], proto
> TCP (6), length 48)
> 95.75.63.234.1822 > 95.75.149.4.loc-srv: Flags [S], seq 3106167060, win
> 0, options [mss 1360,[|tcp]>
> 19:33:20.528435 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
> (6), length 40)
> 95.75.149.4.loc-srv > 95.75.63.234.1822: Flags [R.], cksum 0x026d
> (correct), seq 0, ack 3106167061, win 0, length 0
> 19:33:20.542323 IP (tos 0x0, ttl 64, id 22906, offset 0, flags [DF], proto
> UDP (17), length 71)
> 95.75.149.4.38562 > 213.230.129.10.domain: 53942+[|domain]
> 19:33:21.338760 IP (tos 0x0, ttl 241, id 35876, offset 0, flags [DF], proto
> UDP (17), length 131)
> 213.230.129.10.domain > 95.75.149.4.38562: 53942 NXDomain[|domain]
> 19:33:21.848942 IP (tos 0x0, ttl 119, id 5593, offset 0, flags [DF], proto
> TCP (6), length 48)
> 95.75.63.234.1822 > 95.75.149.4.loc-srv: Flags [S], seq 3106167060, win
> 0, options [mss 1360,[|tcp]>
> 19:33:21.849317 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
> (6), length 40)
> 95.75.149.4.loc-srv > 95.75.63.234.1822: Flags [R.], cksum 0x026d
> (correct), seq 0, ack 1, win 0, length 0
> 19:33:22.929034 IP (tos 0x0, ttl 119, id 5894, offset 0, flags [DF], proto
> TCP (6), length 48)
> 95.75.63.234.1822 > 95.75.149.4.loc-srv: Flags [S], seq 3106167060, win
> 0, options [mss 1360,[|tcp]>
> 19:33:22.929415 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP
> (6), length 40)
> 95.75.149.4.loc-srv > 95.75.63.234.1822: Flags [R.], cksum 0x026d
> (correct), seq 0, ack 1, win 0, length 0
> ^C
> 16 packets captured
> 16 packets received by filter
> 0 packets dropped by kernel
> The IP Address of my PC was 79.46.207.142
> It is time for panic? :)
> I need of a firewall into my Freerunner?
>
>
More information about the community
mailing list
