ICMP Source Quench

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Zach Brown: "Re: ICMP Source Quench"
• Previous message: D. Chiodo: "Re: Bug related to bridge & PPP"
• In reply to: Francis Vidal: "(no subject)"
• Next in thread: Zoltan Hidvegi: "Re: Bug related to bridge & PPP"

I recently decided to run icmpinfo. Something caught my eye :

----- /var/log/messages -----

Nov 20 10:02:03 salaza icmpinfo: ICMP_Dest_Unreachable[Port]
< 127.0.0.1 > 127.0.0.1 sp=1495 dp=512 seq=0x002902df sz=69(+20)
Nov 20 10:02:03 salaza icmpinfo: ICMP_Dest_Unreachable[Port] < 127.0.0.1 > 127.0.0.1
sp=1495 dp=512 seq=0x002902df sz=69(+20)

I get the above set of messages when there is email for a user.

/etc/services tells me it's either exec or biff. I don't have any server
monitoring those 2 ports. Any idea why those connections are initiated?

---------- /var/log/messages ------------
Nov 20 10:02:19 salaza icmpinfo: ICMP_Source_Quench < 203.4.212.58 >
203.10.16.255 sp=138 dp=138 seq=0x00df3fdd sz=36(+20)

As well, any idea why the broadcast to port 138(netbios-dgm)?
203.4.212.58 is where my ppp link is connected to. Could it be
that I'm running Samba?

Thanks in advance.

• Next message: Zach Brown: "Re: ICMP Source Quench"
• Previous message: D. Chiodo: "Re: Bug related to bridge & PPP"
• In reply to: Francis Vidal: "(no subject)"
• Next in thread: Zoltan Hidvegi: "Re: Bug related to bridge & PPP"