Re: Illegal IP Addresses (II)

David E. Wach (
Tue, 22 Jun 1999 11:43:46 -0700 (PDT)

On Mon, 7 Jun 1999, Bruce Stephens wrote:

> are a little incorrect. But there is no way of tracing 'traceroute' these
> addresses. So how does anyone expect to get a response to a command from a
> 192.168.x.x address across the internet?
> Interestingly, even though the UDP message from is stopped by
> the firewall (RULE is DENY) this system attempts to respond with an ICMP/3
> back to (in this case) but is blocked by the fw-out rules
> (and logged)!!
> Neat huh.
> To date I have had 2740 hits - admittedly over a period of a few weeks.
> Regards,
> Bruce.

Sorry to revisit an old thread, but was just troubleshooting some
masq-related problems and noticed that we were getting packets trying to
go to If you do a reverse lookup on that address, you get:


The network in question did have a lot of printing (netbios) activity on

Anyway, something to look for leaking from any Win* based network.


David E. Wach                        |
Senior Systems Administrator         |
ClipperNet Internet Access Services  |    "Zeros and ones will take
541.431.3360                         |       us there..."                    |               |

- To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to