From owner-freebsd-net  Mon May 29  0:39:15 2000
Delivered-To: freebsd-net@freebsd.org
Received: from elmls01.ce.mediaone.net (elmls01.ce.mediaone.net [24.131.128.25])
	by hub.freebsd.org (Postfix) with ESMTP id C4A8537BC11
	for <freebsd-net@freebsd.org>; Mon, 29 May 2000 00:39:09 -0700 (PDT)
	(envelope-from dcschooley@ieee.org)
Received: from [192.168.1.4] (el01-24-131-141-107.ce.mediaone.net [24.131.141.107])
	by elmls01.ce.mediaone.net (8.8.7/8.8.7) with ESMTP id CAA23703;
	Mon, 29 May 2000 02:42:36 -0500 (CDT)
Mime-Version: 1.0
X-Sender: dcs@192.168.1.2
Message-Id: <p04310101b557bf5d3405@[192.168.1.4]>
In-Reply-To: 
 <Pine.BSF.4.10.10005290122520.532-100000@hydrant.intranova.net>
References: <Pine.BSF.4.10.10005290122520.532-100000@hydrant.intranova.net>
x-advocacy: An Apple a Day Keeps Windows Away
Date: Mon, 29 May 2000 02:38:54 -0500
To: Omachonu Ogali <oogali@intranova.net>
From: David Schooley <dcschooley@ieee.org>
Subject: Re: Strange Network Traffic
Cc: freebsd-net@freebsd.org
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 1:23 AM -0400 5/29/00, Omachonu Ogali wrote:
>
>  >
>>  May 25 23:30:00 bicycle /kernel: ipfw: 1000 Deny UDP 192.168.1.1:1030
>>  255.255.255.255:162 in via fxp1
>>  May 25 23:30:00 bicycle /kernel: ipfw: 1000 Deny UDP 192.168.1.1:1030
>>  255.255.255.255:162 in via fxp0
>>
>>  and later, it happens again:
>>
>>  May 28 16:52:04 bicycle /kernel: ipfw: 1000 Deny UDP 192.168.1.1:1031
>>  255.255.255.255:162 in via fxp1
>>  May 28 16:52:04 bicycle /kernel: ipfw: 1000 Deny UDP 192.168.1.1:1031
>>  255.255.255.255:162 in via fxp0
>>
>>  The Linksys shouldn't be doing anything with SNMP, so are evil
>>  crackers trying to do something?
>>
>>
>
>The router is broadcasting SNMP traps (port 162) to the LAN.
>

I know that's what I am getting, but the documentation for the router 
doesn't say anything about support for SNMP, nor does the router 
respond when SNMP packets go the other way, so I got suspicious. I 
have been playing around with it, and cycling power to the router 
causes those packets to be sent out, so I guess the router really is 
doing it.

-- 
---------------------------------------------------
   David C. Schooley, Ph.D.
   Transmission Operations/Technical Operations Support
   Commonwealth Edison Company
   work phone: 630-691-4466/(472)-4466
   work email: mailto:david.c.schooley@ucm.com
   home email: mailto:dcschooley@ieee.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message