firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev eth0 ???

firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev eth0 ???

Post by Vampyr » Wed, 25 Jan 2006 04:40:06



hi there,

I'v noticed in my logs the following on my Redhat iptables box

firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev
eth0
196.xx.xx.xx being the internet ip on eth0

the 165.xx.xx.xx is my ISP up on my machine at home, i noticed these
messages at the time time i tried to connect from my home machine to
the 196.xxx.x.x box
the connection to ssh was timmed out ???

what can this be .. i read about martain messages bing spoof messages.
but the addrss if my ip of my home machine , ISP assigned.

anyone with any idea's ?

Thank in advance for any advice

 
 
 

firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev eth0 ???

Post by Bit Twiste » Wed, 25 Jan 2006 04:46:58



Quote:> hi there,

> I'v noticed in my logs the following on my Redhat iptables box

> firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev
> eth0
> 196.xx.xx.xx being the internet ip on eth0

> anyone with any idea's ?

http://groups.google.com/advanced_group_search
martian source      in the first box
bit twister         in the Author box

 
 
 

firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev eth0 ???

Post by Vampyr » Wed, 25 Jan 2006 16:07:08


unfortunatly that explaination does help me, as i know the 165 address
is a legit ADDRESS, and that it's not spoofed
I'v did some google searches , and no proper answer as to why ???

i'm becomming desperate now.

 
 
 

firewall kernel: martian source 196.xx.xx.xx from 165,146.xx.xx on dev eth0 ???

Post by Bit Twiste » Wed, 25 Jan 2006 23:41:57



Quote:> unfortunatly that explaination does help me, as i know the 165 address
> is a legit ADDRESS, and that it's not spoofed

So was the poster's given in the thread.

Did you see the posters solution. He set his /etc/hosts file per
the example and his problem went away.

 
 
 

1. Could not reverse map address xx.xx.xx.xx???

when I use telnet or ssh to connect to my server throuth adsl direcly there
is no problem, but after i adding a router to share the broadband(using
buffulo airstation) login is no problem, but after the x terminal idle for
serveral minutes it disconnects from the server(the same story if I use
putty), but if keep something running say ping a ipaddress it will not
disconnect forever, I check the /var/log/secure there's a message "Mar 17
10:45:17 ser01 sshd[32030]:Could not reverse map address
XXXX.XXXX.XXXX.XXXX",  what's the problem, do I need to set something in the
router??

2. QT 2.0.2 Extensions Building Problem

3. connection was refused when connect to xx.xx.xx.xx

4. Using IPC Semaphores

5. BAD MAC = XX:XX:XX ...

6. HP Laser IV

7. modules-XX.XX.XX where?

8. Matrox Millenium and Linux

9. regular expression to parse 0,xx/xx/xx and replace 0 in GPEP

10. 10.xx.xx.xx network?

11. Kernels! v1.3.xx or v1.2.xx?!

12. S-Ware 3.0, compiling kernel 1.2.xx or 1.3.xx doesn't happen

13. Kernel Panic - VHP : unable to mount fs at XX:XX ?????