tcp dump question
Results 1 to 3 of 3

Thread: tcp dump question

  1. #1
    Junior Member
    Join Date
    Oct 2003
    Posts
    1

    tcp dump question

    Heres the senerio....
    When I tcpdump my lan I see normal arp request and microsoft net-bios traffic....all normal. I am behind a hardware firewall ...I see many requests, be it http(80) or AIM(5190) on subnet 192.168.1.100 or somthing alike ...all normal if that was the subnet I was using , but its not , granted I am using a non-routable subnet but not the same one. I have checked all systems on the network and non have this IP . Even wierder is if I sniff the connection I can see traffic passing . is it possible that this traffic is getting forwarded to all hosts on my cable connections? anybody got any ideas as to what is happening... Thanks

  2. #2
    Senior Member Wazz's Avatar
    Join Date
    Apr 2003
    Posts
    288
    Is that the Gateway Address of a router on the network?
    "It is a shame that stupidity is not painful" - Anton LaVey

  3. #3
    Junior Member
    Join Date
    Oct 2003
    Posts
    26
    Wazz is right, it may be a gateway..... on the other hand it can be a network address translator from your cable provider. I've a set-up that is somehow a similar, all out-bound traffic are translated to a single IP address and all incoming are directed to the machines respective public addresses. I hope this helps.

    Wazz may be correct, it can be your hosts gateway. Or it can be a network address translator. some practices a method of translating outgoing and incoming traffic to a single IP adress.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •