IPSpoofing

• From: "Larry Lentz" <Larry@xxxxxxxxxxxxxxxxx>
• To: "ISA Server Discussion List" <isalist@xxxxxxxxxxxxx>
• Date: Sat, 23 Aug 2003 12:50:21 -0500

One of my clients is continually getting bombarded with an IP Spoofing
attack. I in turn am being bombarded with emails about the attack from
ISA. The offending IP address is 127.0.0.1 which of course is the local
loopback address.  The message I'm getting is:

ISA Server detected a spoof attack from Internet Protocol (IP) address
127.0.0.1. A spoof attack occurs when an IP address that is not
reachable via the interface on which the packet was received. If logging
for dropped packets is set, you can view details in the packet filter
log.


How can I determine the source of this and correct it?

Thanks!

Larry

----------------------------------------------
Larry Lentz, MCSE+I, MCDBA
MCSE on Windows 2000
GoldMine Certified Professional
Lentz Computer Services
GoldMine Solutions Partner
San Antonio, Texas 
Larry@xxxxxxxxxxxxxxxxx
www.LentzComputer.NET
 <<Picture (Metafile)>> 
For networking that makes sense, count on Lentz!
----------------------------------------------

Other related posts:

• » IPSpoofing

1. Home
2. isalist
3. Archive
4. 08-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---