RE: Spoof Attack
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Sun, 8 Jun 2003 20:29:09 -0500
Hi Rami,
That explains the spoof. The address it was trying to contact was on the
LAT and LAT networks can never be connected to except through the ISA
Server.
HTH,
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: Rami SIK [mailto:rami@xxxxxxxxxxxxxxx]
Sent: Friday, June 06, 2003 1:50 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: Spoof Attack
http://www.ISAserver.org
This is the following message I got:
ISA Server detected a spoof attack from Internet Protocol (IP)
address 10.246.236.1. A spoof attack occurs when an IP address that is
not reachable via the interface on which the packet was received. If
logging for dropped packets is set, you can view details in the packet
filter log.
My LAT table contains 10.0.0.0 - 10.255.255.255
My configuration is;
| 10.x.x.x | | 192.168.2.x |
LAN |---------------------| ISA
|---------------------------| Firewall
| | |
|
--------------------------------------------------------------------
Rami SIK
System & Network Administrator
CCNA
Kimyatas
Istanbul / Turkey
Tel:90-212-334 4963
--------------------------------------------------------------------
Other related posts:
