Wrong on the second paragraph. Your border should not allow non-public
routable addresses in or out. Your provider should be doing the same
thing, but if there is any leakage either way, funny things can happen.
The only difference in "private" and "public" addresses is that you
should not pass on the "privates."
It is possible that someone inside your net has a virus, etc., the has
made them appear to have that address and it is attempting to hit any
address it can.
On 7/25/2012 11:18 AM, Ty Featherling wrote:
I though, and Google verified, that port knocking is a means to be allowed
through a firewall by attempting connections to a specific sequence of
ports. How does that apply here?
Public space shouldn't be able to reach private space without some form of
redirect or NAT, correct?
-Ty
On Wed, Jul 25, 2012 at 10:14 AM, Josh Luthman
<[email protected]>wrote:
Port knocking?
Josh Luthman
Office: 937-552-2340
Direct: 937-552-2343
1100 Wayne St
Suite 1337
Troy, OH 45373
On Wed, Jul 25, 2012 at 11:10 AM, Ty Featherling <[email protected]
wrote:
Looking at one of my routerboards that has a private 10.0.4.x address and
the logs show multiple attempts to connect via ftp and ssh from a public
address 213.229.93.218. Not counting for the fact that your security
should
block those attempts, how in the hell is a public address that is
off-network reaching a private address? NAT is not being used anywhere on
my network.
-Ty
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/5dd00907/attachment.html
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/5300ba0f/attachment.html
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik
RouterOS
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.butchevans.com/pipermail/mikrotik/attachments/20120725/3f130f0f/attachment.html>
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2012.0.2197 / Virus Database: 2437/5154 - Release Date: 07/25/12
--
Scott Reed
Owner
NewWays Networking, LLC
Wireless Networking
Network Design, Installation and Administration
Mikrotik Advanced Certified
www.nwwnet.net
(765) 855-1060
(765) 439-4253
(855) 231-6239
_______________________________________________
Mikrotik mailing list
[email protected]
http://www.butchevans.com/mailman/listinfo/mikrotik
Visit http://blog.butchevans.com/ for tutorials related to Mikrotik RouterOS
