[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

traffic leaking out on PPP connection

My firewall is pretty tight.  I block all incoming by default and let out only certain
destination ports.  I'm currently filtering on external interface only.
Now I decided to do a check on all outgoing traffic (filtering out of course the allowed ports)
and I made an interesting discovery.
I am on dial-up (PPP) with a Canadian ISP (Sympatico) and I am sending out regular replies to
port 135.  I figured this is due to PPP tunneling.  In 15 minutes I was replying to about a
dozen different IP addresses but they all resolve back to my ISPs servers (or clients?):
# host domain name pointer SSMarie-ppp128981.sympatico.ca.
# host domain name pointer Ottawa-ppp-198986.sympatico.ca.
# host domain name pointer Lindsay-ppp-147952.sympatico.ca.
# host domain name pointer London-ppp51940.sympatico.ca.
# host domain name pointer HSE-Ottawa-ppp-33124.sympatico.ca.
Any comments?
Post your free ad now! http://personals.yahoo.ca