[Shorewall-users] ProxyArp Implementation check
ama.kalu at cwlgroup.net
Thu Dec 4 15:28:30 PST 2003
I have just implemented ProxyARP with my Mail server behind shorewall.
It appears to be working OK as I can both send and receive mails, and
this server is available to both the NET and my LAN using the same
The only port open to the net from shorewall is https (443)
I have attempted to reach both the Mailserver and the firewall with nmap
But I have been seeing this in my Mail server logs for the past 24 hours
since I did this ProxyARP thing.
"Connection attempt to service SMTP from IP address 127.0.0.1 rejected."
My question is this;
Is someone attempting some form of exploit via https on my mail server?
How did this person go past shorewall? Has anyone any idea what is going
Are there other ways of testing that ProxyARP and shorewall are working
Thanks for your assistance.
More information about the Shorewall-users