But there are also people who believe in windows, who believe it makes sense to use netbios packets in the internet. They dont even know their box is sending and receiving RIP.
I dont recollect any connection between Netbios and RIP. Am i missing something? Even if some application is leaking the RIP packets, why would they carry a tag in them?
I thought it was a field rarely used in the implementations.
You are right, there is no connection between Netbios and RIP. They are accidently running on the same system. I have seen RIP on all kinds of routers and systems. It is kind of plug and play. They mostly use RIP v1 but Tags is RIP v2. My first guess it must be a router or a unix system, maybe MAC OS X
I dont believe in blocking internet packets, but I am shure it is a good idea blocking those RIP packets. They are definitely ment to stay in the local network. RIP was never meant for the internet. Only missconfigured router allow it to pass through.
Routers normally dont let RIP pass through. They eat it and send out something new. So whoever sends RIP must be a router or a hacker trying to play man in the middle.
And I cannot imagine anybody using RIP packets for SSH or something like that :)
It could be a windows pc that connects a lan to the internet and there is IPv6 in the lan. Then they might use RIP v2. It could be a Sun. As soon as they start routing they start RIP and they do RIP v2. CISCO? As far as I remember you have to start RIP in your configuration. They dont do it automatically. I remember rarely, very rarely having seen RIP and ICMP packets trying to redirect a 192.168.something to somebody else
Thanks, Tom
You are welcome. Peter -- Peter and Karin Dambier Public-Root Graeffstrasse 14 D-64646 Heppenheim +49-6252-671788 (Telekom) +49-179-108-3978 (O2 Genion) +49-6252-750308 (VoIP: sipgate.de) +1-360-448-1275 (VoIP: freeworldialup.com) mail: peter@peter-dambier.de http://iason.site.voila.fr http://www.kokoom.com/iason