[OmniOS-discuss] web site seems to attack server internet connection
Josh Coombs
jcoombs at staff.gwi.net
Mon Apr 17 11:59:38 UTC 2017
I would think a packet capture on e1000g0 and e1000g1 would be good places
to start looking.
Josh C
Joshua Coombs
GWI
*office* 207-494-2140
www.gwi.net
On Mon, Apr 17, 2017 at 2:42 AM, Michael Mounteney <gate03 at landcroft.co.uk>
wrote:
> If anyone has an OmniOS machine acting as a NAT with IP forwarding (as
> I have) they might care to try to reproduce a circumstance I am seeing,
> where visiting a web site on a workstation connected THROUGH the
> server, brings down the server's interface. Diagrammatically:
>
> interwebs
> |
> cable-modem
> |
> e1000g0
> |
> OmniOS
> |
> e1000g1
> |
> workstation
>
> On the workstation:
>
> 1. Browser, visit http://www.yamaguchien.com.au/ I've used this site
> for several years so regard it as 'legitimate'.
> 2. Click Shop and order something. I ordered Sencha premium.
> 3. Go to Checkout.
> 4. Fill in some details. Dummy address: Parliament Way, Canberra,
> ACT 2000 (the site validates addresses). Click checkout.
> 5. The browser may or may not start to load paypal.com but whatever;
> e1000g0 (as it is on my system) appears to be down, inasmuch as I can
> no longer ping 89.16.167.134 (google.com) from the *server*. It is
> necessary to take the interface down and up, and delete and add the
> default route, or maybe some other fiddling, to restore the interface.
>
> Does this indicate that Something Nasty is happening?
>
> ______________
> Michael Mounteney
> _______________________________________________
> OmniOS-discuss mailing list
> OmniOS-discuss at lists.omniti.com
> http://lists.omniti.com/mailman/listinfo/omnios-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://omniosce.org/ml-archive/attachments/20170417/d9acf419/attachment-0001.html>
More information about the OmniOS-discuss
mailing list