[psad-discuss] 0.0.0.0 alerts/newbie

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Hi,

I just installed psad 1.3.2 on my machine (having also bastille to set up=
 the firewall).=20
It seems to work fine, but it sends me lots of messages concerning traffi=
c from 0.0.0.0 to=20
255.255.255.255. I guess this is net requests for dhcp/bootp.=20
The content of the message is reproduced below.
Can someone tell me how to fix this ? I'd be gratefull if my mailbox is n=
o longer=20
flooded by these messages.

Thanks, Paul.

=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D Thu Aug 26 16:36:26 2004 =
=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D
 ** psad: Suspicious traffic detected against 255.255.255.255

         Danger level: [3] (out of 5)=20

    Scanned udp ports: [67: 2 packets, Nmap: -sU]
       Iptables chain: INPUT (prefix "PUB_IN DROP 5"), 2 packets

               Source: 0.0.0.0
                  DNS: [No reverse dns info available]

          Destination: 255.255.255.255
                  DNS: [No reverse dns info available]

      Syslog hostname: pcvsf21

     Current interval: Thu Aug 26 16:36:11 2004 (start)
                       Thu Aug 26 16:36:26 2004 (end)

   Overall scan start: Thu Aug 26 16:04:24 2004
   Total email alerts: 50
   Complete udp range: [67]

   chain:   interface:   tcp:   udp:   icmp: =20
   INPUT    eth0         0      78     0     =20

 ** Whois Information: **
No whois server is known for this kind of object.

=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D Thu Aug 26 16:36:26 2004 =
=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D
--=20
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm