From owner-freebsd-questions@FreeBSD.ORG  Mon Sep 15 00:09:02 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 1D2F116A4BF
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Sep 2003 00:09:02 -0700 (PDT)
Received: from lilith.bellavista.cz (lilith.bellavista.cz [213.235.167.218])
	by mx1.FreeBSD.org (Postfix) with ESMTP id B65B643FB1
	for <freebsd-questions@freebsd.org>;
	Mon, 15 Sep 2003 00:08:59 -0700 (PDT)
	(envelope-from neuhauser@bellavista.cz)
Received: from freepuppy.bellavista.cz (freepuppy.bellavista.cz [10.0.0.10])
	by lilith.bellavista.cz (Postfix) with ESMTP
	id D20CA37; Mon, 15 Sep 2003 09:08:56 +0200 (CEST)
Received: by freepuppy.bellavista.cz (Postfix, from userid 1001)
	id B07902FDA03; Sat, 13 Sep 2003 03:24:30 +0200 (CEST)
Date: Sat, 13 Sep 2003 03:24:30 +0200
From: Roman Neuhauser <neuhauser@bellavista.cz>
To: Hasse Hansson <webmaster@swedehost.com>
Message-ID: <20030913012430.GE1498@freepuppy.bellavista.cz>
Mail-Followup-To: Hasse Hansson <webmaster@swedehost.com>,
	FreeBSD Questions <freebsd-questions@freebsd.org>
References: <200309120537.17416.webmaster@swedehost.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <200309120537.17416.webmaster@swedehost.com>
User-Agent: Mutt/1.5.4i
cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: Need help to interp kernel log message.
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Sep 2003 07:09:02 -0000

# webmaster@swedehost.com / 2003-09-12 05:37:17 +0200:
> I 've got a message in my logfiles that I don't understand.
> The ip-addresses are none that I'm to my knowing are associated with.
> Wonder what it is or if it's anything to worry about.
> 
> odin.swedehost.com kernel log messages:
> > icmp redirect from 65.104.98.146: 204.152.184.189 => 65.104.98.145
> 
> Checking up on the above Ip-addresses don't ring any bells ider.

    Looks like your machine was sending traffic to 204.152.184.189, and
    an intermediate host at 65.104.98.146 sent an ICMP redirect message
    telling it to send them to 65.104.98.145 instead. See RFC 792.

    As for security concerns: any packet might have the source address
    spoofed, and obeying ICMP type 5 messages in a hostile environment
    (like the internet) means you're giving your network traffic out for
    public consumption.

-- 
If you cc me or remove the list(s) completely I'll most likely ignore
your message.    see http://www.eyrie.org./~eagle/faqs/questions.html