Archives
Archives
| From: | James <wireless@×××××××××××.com> | ||
|---|---|---|---|
| To: | gentoo-user@l.g.o | ||
| Subject: | [gentoo-user] Re: martian source with unknown IP and MAC | ||
| Date: | Tue, 18 Aug 2015 03:21:56 | ||
| Message-Id: | loom.20150818T051531-863@post.gmane.org | ||
| In Reply to: | [gentoo-user] martian source with unknown IP and MAC by Grant |
||
| 1 | Grant <emailgrant <at> gmail.com> writes: |
| 2 | |
| 3 | > I received a suspicious prompt while browsing a financial account of mine |
| 4 | on my laptop so I restarted my modem but did not DHCP to it. I immediately |
| 5 | received a series of type 08 00 martian sources logged to dmesg on my laptop |
| 6 | from a 10.x.x.x source while my local network runs on 192.168.x.x only, and |
| 7 | the logged MAC address does not match that of any systems on my LAN |
| 8 | including the modem and I don't run wifi. Is that martian source suspicious? |
| 9 | |
| 10 | Always. But it could be a benign or mangled packet. Hard to tell |
| 11 | without deeper analysis |
| 12 | |
| 13 | |
| 14 | This might help [1]. As well as RFC 1812 [2] |
| 15 | |
| 16 | Post back if needed. [3] |
| 17 | |
| 18 | hth, |
| 19 | James |
| 20 | |
| 21 | [1] |
| 22 | http://www.cyberciti.biz/faq/linux-log-suspicious-martian-packets-un-routable-source-addresses/ |
| 23 | |
| 24 | [2] https://www.novell.com/support/kb/doc.php?id=3923798 |
| 25 | |
| 26 | [3] https://6session.wordpress.com/2009/04/08/ipv6-martian-and-bogon-filters/ |