Re: Neighbor table overflow. Virus?
- From: ibuprofin@xxxxxxxxxxxxxxxxxxxxxx (Moe Trin)
- Date: Tue, 24 Jan 2006 13:57:13 -0600
On 24 Jan 2006, in the Usenet newsgroup comp.os.linux.networking, in article
<1138093069.792509.323560@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>, nsa.usa@xxxxxxxxx
wrote:
>Sorry if I didn't make that clear. As soon as I disconnect that client
>the problem disappears in the server. It is obvious from the ARP table
>that hundreds of connections are comming from this client that cannot
>be established.
Entries in the ARP tables should only occur for IP addresses that are
local to this computer. Looking at your routing table should show what
the O/S deems to be local. Are you using some unusual netmasks?
>The client is running a windows version by the way.
In theory, sniffing the connection to see WTF it's trying to connect
to might help, as the dialin box isn't using ARP (a ppp connection does
not). This means you can see what address, port, and protocol is trying
to be used.
Old guy
.
- Follow-Ups:
- Re: Neighbor table overflow. Virus?
- From: Tauno Voipio
- Re: Neighbor table overflow. Virus?
- References:
- Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Re: Neighbor table overflow. Virus?
- From: Rick Moen
- Re: Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Re: Neighbor table overflow. Virus?
- From: Rick Moen
- Re: Neighbor table overflow. Virus?
- From: nsa.usa@xxxxxxxxx
- Neighbor table overflow. Virus?
- Prev by Date: tc filter change issue
- Next by Date: Re: How to avoid interrupt sharing ?
- Previous by thread: Re: Neighbor table overflow. Virus?
- Next by thread: Re: Neighbor table overflow. Virus?
- Index(es):
Relevant Pages
|
