Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 668 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What is this?

BanksDad
My live packet filter log indicates a steady attempt from IP 73.88.0.1 -> 255.255.255.255 on port 68 / UDP / Header 20 / variety of payloads in the 300s. 64 TTL and MISC code of CE.   I have no clue what that IP is but it appears local... however my local addresses are in the 192 nets.  My external is on the 24.xx net.  Could this be my cable modem?  When I do an NSlookup, it comes back immediately from my local ISP.  What is the purpose of this steady stream of packets?  It is occuring every few seconds.


This thread was automatically locked due to age.
Parents
  • 0
    Port 68 & 69 are usually DHCP traffic.

    255.255.255.255 is the global broadcast IP address.

    If you don't like seeing it in your logs, create a Net definition for that IP address, and create a rule to drop the traffic to it.

    Barry
  • 0 in reply to BarryG
    Sounds like you're on cable, with that 24.x.x.x address range... Barry is right, it's DHCP. Create a drop rule for broadcasts, and disable logging on that rule.  It's annoying, but normal!

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to BarryG
    Sounds like you're on cable, with that 24.x.x.x address range... Barry is right, it's DHCP. Create a drop rule for broadcasts, and disable logging on that rule.  It's annoying, but normal!

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
No Data
Cookie Information Banner