web site (wiredgoats, ipchains/iptables rules check)

Dustin Mollo dustin at sonic.net
Fri Oct 18 11:51:23 PDT 2002


I've been trying to catch up on my nblug-talk email - sorry I haven't gotten
to this sooner.

I did find one IP in our firewall rules that comes from the 216.174.197.0/24
subnet.  I removed that IP from the list.  Give it a shot again, Sue, and
let us know how it goes.

-Dustin

On Fri, Oct 18, 2002 at 07:03:40AM -0700, dugan at passwall.com wrote:
> This is something that one of the box admins would probably need to
> examine. I need to have a new key generated and replaced before I can
> log into the box again, so this may be for Eric or Dustin or Brad or...
> 
> -ME (more at end of message...)
> 
> On Thu, Oct 17, 2002 at 09:35:43PM -0700, Sue Bennett wrote:
> > Thanks for all the ideas on not being able to get to the nblug 
> > web site.
> > 
> > It still is not working.  I can not hit it via URL or IP address.
> > I can hit other sonic pages.     
> >    f) http://www.sonic.net/     (same provider, network, etc.)
> >    g) http://www.mirafiori.com/ (In the same /25)
> > -------------------------------------------------------------------------------
> > linux:/etc # traceroute 208.201.242.2
> > traceroute to 208.201.242.2 (208.201.242.2), 30 hops max, 40 byte 
> > packets
> >  1  cds-ppp.cds1.net (192.168.1.254)  168 ms  170 ms  150 ms
> >  2  gw-atg.cds1.net (216.174.197.129)  160 ms  160 ms  160 ms
> >  3  206-58-251-97.atgi.net (206.58.251.97)  180 ms  190 ms  160 
> > ms
> >  4  gig00.cr1.snrsca16.atgi.net (206.58.248.71)  170 ms  150 ms  
> > 160 ms
> >  5  se13.cr1.paixpa.atgi.net (216.210.208.1)  170 ms  160 ms  160 
> > ms
> >  6  Serial3-9.GW9.PAO1.ALTER.NET (157.130.212.113)  150 ms  170 
> > ms  160 ms
> >  7  136.ATM3-0.XR2.PAO1.ALTER.NET (152.63.52.198)  160 ms  170 ms  
> > 160 ms
> >  8  0.so-0-0-0.XL2.PAO1.ALTER.NET (152.63.54.77)  160 ms  180 ms  
> > 170 ms
> >  9  0.so-4-0-0.XL2.SFO4.ALTER.NET (152.63.55.66)  170 ms  160 ms  
> > 160 ms
> > 10  POS4-0.XR2.SFO4.ALTER.NET (152.63.55.70)  180 ms  200 ms  170 
> > ms
> > 11  190.ATM6-0.GW3.SFO4.ALTER.NET (152.63.51.133)  190 ms  160 ms  
> > 160 ms
> > 12  sonicnet-gw2.customer.alter.net (157.130.203.234)  360 ms  
> > 320 ms  170 ms
> > 13  hssi4-0-0.border.sr.sonic.net (64.142.0.1)  270 ms  180 ms  
> > 190 ms
> > 14  eth1.dist1-1.sr.sonic.net (208.201.224.30)  210 ms  180 ms  
> > 200 ms
> > 15  * * *
> > 16  * * *
> > 17  * * *
> > 18  * * *
> > 19  * * *
> > 20  * * *
> > 21  * * *
> > 22  * * *
> > 23  * * *
> > 24  * * *
> > 25  * * *
> > 26  * * *
> > 27  * * *
> > 28  * * *
> > 29  * * *
> > 30  * * *
> 
> Looking over the resulrs here and traceroute on a system that makes it,
> the last hop is actually the box itself. 
> 
> It would be a good idea for someone to check the box to see if firewall
> rules were not added to block her ISP.
> 
> I seem to recall augie or someone else was not able to view content on
> nblug and it turned out that the box had blocked traffic from their IP.
> 
> -ME
> 
> -- 
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.12
> GCS/CM$/IT$/LS$/S/O$ !d--(++) !s !a+++(-----) C++$(++++) U++++$(+$) P+$>+++ 
> L+++$(++) E W+++$(+) N+ o K w+$>++>+++ O-@ M+$ V-$>- !PS !PE Y+ PGP++
> t at -(++) 5+@ X@ R- tv- b++ DI+++ D+ G--@ e+>++>++++ h(++)>+ r*>? z?
> ------END GEEK CODE BLOCK------
> decode: http://www.ebb.org/ungeek/ about: http://www.geekcode.com/geek.html
>   Campus IT(/OS Security): Operating Systems Support Specialist Assistant



More information about the talk mailing list