Excellent idea. And yes I'm top posting hate snipping on iPhone! From: Randy
It's an iPhone Thang! Was learning cursive necessary? On Feb 3, 2012, at 12:59 PM, Granville Moore <[email protected]> wrote: > On 03/02/2012 18:15, Full Disclosure mailing list wrote: >> >> On 03/02/2012 08:20, RandallM wrote: >> >>> since no one could answer the last one how bout this. In my FW log >>> Trust (our 10.0.0.0. network) to untrust picked this up: >>> >>> 2012-02-02 10:08:10 7.254.254.254:68 7.254.254.255:67 0.0.0.0:0 >>> 0.0.0.0:0 DHCP 0 sec. 0 0 Traffic Denied >>> >>> My "any" to "any" denied queue. >>> >> >> I've seen this sort of thing before, from misconfigured VPNs. >> >> Do you have someone using "Tunngle" on your network? >> >> It's a VPN product (as far as I understand it, primarily for gaming), >> and it appears to (mis)use the 7.xxx.xxx.xxx IP address space. See this >> for a report of similar packet sightings: >> >> http://www.tunngle.net/community/topic/18311-bsod/ >> >> My guess is that one of your users has set up this VPN in order to >> tunnel through your firewall, but it's not configured correctly and its >> DHCP requests are going onto your main network rather than (as intended) >> through the tunnel. You might want to look into who is using this... >> >> Granville Moore >> Nemesys Computer Consultants >> www.nemesys.com >> >> > Sorry - my "From" address was screwed up in my previous reply. > > Granville Moore > Nemesys Computer Consultants > www.nemesys.com > > > -- > Dr Granville Moore > > Principal Consultant > > Nemesys Computer Consultants Ltd > 17 High Street > Wicken > Cambridgeshire > CB7 5XR > > 01353 727999 > > www.nemesys.com
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
