Hi Michael,
On Tue, Jan 31, 2012 at 04:01:08PM -0600, Michael Corliss wrote:
> After making sure that my VPS is receiving packets on the right address,
> I'm now getting warnings that it's sending on the old address.
I had a look at what was caught for you and it was just 9 packets,
split between source port 443 and source port 53. Probably just
scans.
So I wouldn't be too concerned.
> To my knowledge I don't have any software installed for which I
> needed to specify the VPS' IP, so my guess is that this will end
> when I remove the old address from network/interfaces. Is that
> right?
You will definitely not be able to send packets from an IP address
you have removed¹. ;)
> Is there a way to test before deleting the old IP?
# tcpdump -vpni eth0 'src net 212.13.194.0/23 and not arp'
will show you any traffic going in or out of your eth0 that has a
source address inside 212.13.194.0/23 and is not ARP traffic.
Cheers,
Andy
¹ OK yeah barring some crafty thing you do to generate such traffic.
From andyjpb@??? Tue Jan 31 23:16:07 2012
Received: from pavilion.ashurst.eu.org ([212.13.194.45])
by mail.bitfolk.com with esmtps (TLS1.0:RSA_AES_256_CBC_SHA1:32)
(Exim 4.72) (envelope-from <andyjpb@???>)
id 1RsMvn-0004i5-8P; Tue, 31 Jan 2012 23:16:07 +0000
Received: from [87.114.10.242] (helo=[192.168.1.82])
by pavilion.ashurst.eu.org with esmtpsa
(TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.72)
(envelope-from <andyjpb@???>)
id 1RsMvm-0001ml-CD; Tue, 31 Jan 2012 23:16:06 +0000
Message-ID: <4F28763A.2080507@???>
Date: Tue, 31 Jan 2012 23:16:10 +0000
From: Andy Bennett <andyjpb@???>
User-Agent: Mozilla-Thunderbird 2.0.0.22 (X11/20090707)
MIME-Version: 1.0
To: users@???
References: <20120131160310.GO23380@???>
In-Reply-To: <20120131160310.GO23380@???>
X-Enigmail-Version: 0.95.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
spamd0.lon.bitfolk.com
X-Spam-Level:
X-Spam-ASN:
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED,SHORTCIRCUIT
shortcircuit=ham autolearn=disabled version=3.3.1
X-Spam-Report: * -0.0 SHORTCIRCUIT Not all rules were run, due to a shortcircuited rule
* -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP
X-Virus-Scanner: Scanned by ClamAV on mail.bitfolk.com at Tue,
31 Jan 2012 23:16:07 +0000
X-SA-Exim-Connect-IP: 212.13.194.45
X-SA-Exim-Mail-From: andyjpb@???
X-SA-Exim-Scanned: No (on mail.bitfolk.com); SAEximRunCond expanded to false
Cc: announce@???
S
