RE: spoof attack
- From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 2 Mar 2006 11:39:09 -0800
Some details of your network and the error are appropriate.
ISA determines "spoof" by comparing the source IP of teh received packet to the
Windows routing table and the address assignments of the network where the
packet was received.
If the combined data doesn't agree, ISA calls "spoof".
________________________________
From: James [mailto:jmay@xxxxxxxxxx]
Sent: Thu 3/2/2006 11:15 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] spoof attack
http://www.ISAserver.org
Hello,
I keep getting this error message under the alerts in the monitoring tab
on ISA 2004 server.
The message is.
ISA server detected a spoof attack from internet protocol listing the ip
address xxx.xxx.xxx.xxx which is my internal sbs2000 server. I have ISA
2004 running on a seporate box.
Thanks Jim
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
Other related posts:
