cool1two
join:2004-02-12
Juneau, AK
1 edit | Barricade's See x.x.x.0 / x.x.x.255 as Broadcast.
Why do Barricade's See REAL IP's That end in x.x.x.0 / x.x.x.255 as Broadcast, and then automaticly block them and call them a smurf..
I have a 7004wfw.. and this is them most stupid crap I have ever seen.. my only guess is smc said, lets just lable all of them as broadcast "since most are, but not all" instead of looking at the packet to see what it really is??
Does anyone have thoughts on this.. does smc know about this.. does smc read this forum. |
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| Re: Barricade's See x.x.x.0 / x.x.x.255 as Broadca
I believe that yes, SMC does read this forum.
So you have a non-/24 netmask that makes *.*.*.255 not a broadcast? And it thinks that it is one?
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
cool1two
join:2004-02-12
Juneau, AK
4 edits | blocked pcanywhere connection from cable user.
05/02/2004 23:13:20 **smurf** x.33.1.255, 4647->> x.x.x.x, 5631
05/02/2004 23:13:18 **smurf** x.33.1.255, 4647->> x.x.x.x, 5631
I get these every time they try and connect. without fail.
The only thing diffrent about this person is the IP x.x.x.255.. i have another one from a few months ago..
03/13/2004 02:14:29 **smurf** x.125.223.0, 4448->> x.x.x.x, 5631
03/13/2004 02:14:23 **smurf** x.125.223.0, 4448->> x.x.x.x, 5631
The only thing diffrent about this person is the IP x.x.x.0..
*** Part or all of the IP addresses may have been removed to protect the users identity ***
"I love legal crap" |
|
inmuck
Idiot In The East
Premium,MVM
join:2003-01-29
Raleigh, NC | There seems to be similar problem even with loopback request.
Have you enabled the firewall? if so, try tweaking the Intrusion Detection Parameters. |
|
cool1two
join:2004-02-12
Juneau, AK | Yes, the firewall is enabled... and very tweaked.. but if you have a suggestion on how to change the setting to fix this, i am willing to listen.. |
|
cool1two
join:2004-02-12
Juneau, AK
| Here is what i got |
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA | I'm still not clear: is dot-255 a broadcast on your network, or not? What's your netmask? |
|
cool1two
join:2004-02-12
Juneau, AK
3 edits | Sorry I edited the post to better reflect the problem..
Please reread it..
x.33.1.255 is an address of a person on the internet.. real ip, somewhere in iowa..
As with any firewall, it is blocking this from the *WAN* side of the router..
The same is true of the x.125.223.0, except the state.. |
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| I know exactly how broadcast works: it just wasn't clear from your explanation that you did. Now it's clear that you do.
It's also clear that the SMC is brain-dead if it assumes that an address is a broadcast without knowing the associated netmask.
It often true that dot-255 is a broadcast, but it can't be assumed. Duh.
Steve
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
cool1two
join:2004-02-12
Juneau, AK
| Yep, sorry about the confution..
So, I love this forum, things seem to get solved here.. and if SMC does truely look at this forum, then here is some info for them... This is the only problem i am getting.. my firewall settings are listed above.. hope someone can help
Hardware:
SMC7004WFW
Hardware Version:
01A
Runtime Code Version:
2.15T2X-P2.0 (May 28 2003 10:37:26)
Boot Code Version:
V2.00 |
|
inmuck
Idiot In The East
Premium,MVM
join:2003-01-29
Raleigh, NC
 ·RoadRunner Cable
| Cool1two, it seems that you haven't got steve question.
NOT all all address that ends with .255 is a broadcast and not all the address that ends with .0 is a network IP.
For eg. If the Subnet Mask is 255.255.0.0 and the Network IP is 24.24.0.0 then 24.24.1.255 is a valid IP address.
Hence Subnet mask is necessary to determine if the IP address is Broadcast or NOT. |
|
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| said by inmuck  :
Cool1two, it seems that you haven't got steve question.
Actually, I think he does: he's finding that his firewall is blocking this traffic as "broadcast" even though they are not really broadcasts.
--
Stephen J. Friedl * Security Consultant * Tustin, California USA * my web site |
|
cool1two
join:2004-02-12
Juneau, AK
2 edits | reply to cool1two
Re: Barricade's See x.x.x.0 / x.x.x.255 as Broadcast.
Right we are all on the same page now,
Sorry about any confusion. but steve is saying what i am thinking, Im just not that good with the description.
"thank god for this forum to help me learn"
The Problem is that the Barricade blocks anything that ends in a .255 or a .0 that comes from the internet.. it is rare to see them, but i just happen to have to people with them..
They are not broadcast or network ip's. just regular cable users with 1 static ip that end in .255 or .0
But i don't know what can be done about this.. smc tech support doesn't seem to get this concept.. thats why i was hoping they read this forum... |
|
inmuck
Idiot In The East
Premium,MVM
join:2003-01-29
Raleigh, NC
·RoadRunner Cable
| reply to Steve
Re: Barricade's See x.x.x.0 / x.x.x.255 as Broadca
said by Steve :
Actually, I think he does: he's finding that his firewall is blocking this traffic as "broadcast" even though they are not really broadcasts.
Sorry for that, I got it wrong.
said by cool1two :
They are not broadcast or network ip's. just regular cable users with 1 static ip that end in .255 or .0
But i don't know what can be done about this.. smc tech support doesn't seem to get this concept.. thats why i was hoping they read this forum...
Seems to be a firmware related problem. Possibly you need to force the Tech support in India to escalate this issue to the firmware/Engineering Division. |
|
