RE: Spoof Attack
- From: "Kelli Irwin" <kirwin@xxxxxxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 9 Jun 2003 13:04:21 -0400
Hi Arthus,
If you have a double entry for destination 0.0.0.0 in your ISA Server's routing
table, that will cause the false spoofing that you seem to be experiencing.
Kelli
-----Original Message-----
From: Lim, Arthus T. [mailto:alim@xxxxxxxxx]
Sent: Thursday, June 05, 2003 4:34 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Spoof Attack
http://www.ISAserver.org
ISA Server detected a spoof attack from Internet Protocol (IP) address
203.167.103.38. A spoof attack occurs when an IP address that is not reachable
via the interface on which the packet was received. If logging for dropped
packets is set, you can view details in the packet filter log.
I received a lot of this alert messages lately. How can I avoid spoof attack?
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
kirwin@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
