For what it's worth, I used to receive fairly regular UDP high port ->
port 137 packets from home's web proxy servers to my cable box. In
that case, what was going on (as far as I was ever able to determine)
was that the log program home was using was trying to resolve my
computer's IP address into a computer name. Why it didn't just use my
computer's DNS name (considering that home's log-analysis programs
should be able to reach home's DNS servers) is beyond me. I find
this especially odd behavior since everything else indicated that the
web proxies were unix boxes; maybe the log analysis program itself
knows about resolving names via windows networking. (Or is there some
weird Samba hook into the standard name-resolution scheme?)

I stopped logging port 137 UDP a while ago, so I don't know if this is
still occurring.

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]