Hi! Last night a friend was showing me the latest and greatest sniffing toy, Ether-Boy", which he was running from behind a Debian Masquerading firewall.
The Windows Sniffer thing showed a concerted attack on his LAN thru the firewall. Parotociols being used included lots of Appltalk and ICMP. The Firewall in question has a kernel with only IP, Firewallwalling and masqerading, _no_ appletalk. Plus we can't ping thru the thing, so I have severe doubts as to whether it was real. Running sniffit outside the firewall showed no traffic to the "offender" excpet if we pinged it or ran at it's ports. I suspect that the "Ether Boy" is nasty nagware. Or is the firewall broken? Opinions welcome. Expert opinions encouraged. John F.
