|
|
linux.lover2004@xxxxxxxxx wrote:
> hello,
> I am working on linux and i observe that i am getting some
> 0.0.0.0 packets? I want to know who is sending those packets? Are they
> sent by services running on my Linux box?
> Which protocols require to send those packets? Does there any
> connection with raw sockets?
Hi,
There is no reason why a process should ever send packet with src IP set to
0.0.0.0
The only thing I can think of, is a broken application. Or some sort of
security tools using a spoofed IP.
You should tcpdump your interfaces to see where these packets are coming
from, and track them hop by hop, up to the real source.
Good luck.
--
Vincent Jaussaud, Kelkoo.com IT Architect
---
Out of the crooked timber of humanity no straight thing can ever be made.
-- Immanuel Kant
|
|