Hi , I 'm trying to download 2.2 via ftp. Everything is fine I get to
term Log in and then get this " Packet mode" and then it just hangs up
I don't know what I'm doing wrong.
Can someone please help.
One of our users got a complaint from a distant site that
his machine was sending packets which the remote site's firewall
was rejecting. The person at the remote site wanted to know
why. tcpdump, which we are just now learning to use, confirmed
out machine was sending packets out to a variety of sites.
We reinstalled the OS after formatting the disk and ran it without
the /home partition mounted. But that did not resolve the problem,
tcpdump still showed packets being sent out. We also tried some
other measures I won't go into here. But after some further
investigation, we saw that each time there was an incoming (icmp)
packet, our machine just responded to the (apparent)
ip address of the source machine. It is quite possible, perhaps
even likely, that this was the case all along, since we could find
no evidence of tampering in the first place.
I can envision two possibilities here. (1) The source machines
had been compromised and were all aiming an attack at our machine
(which was running a web server). (2) Someone was sending packets
with many false ip addresses to our machine which was responding.
We would appreciate any comments on what may be happening, and
any ideas for countermeasures.
As a postscript, let me add that several machines on our campus
had web sites atacked and made to post anti Chinese obscenities.
But that had not happened to the machine discussed above.
Dept. of Mathematics, Northwestern Univ., Evanston, IL 60208