Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IP Spoofing

Status
Not open for further replies.
technical1

technical1

Technical User
Joined
Sep 2, 2002
Messages
52
Location
GB
Good Morning All,
Ive noticed the following in my sys logs, could anyone shed some light on what they REALLY are, and whether my PIX has been compromised?

Output:
PIX-2-106016: Deny IP spoof from (127.0.0.1) to ip.ad.dr.ess on interface outside
PIX-2-106016: Deny IP spoof from (127.0.0.1) to ip.ad.dr.ess on interface outside

Regards,
Vinay
 
Sort by date Sort by votes
This message indicates that the packet has an invalid source address, in this case the loopback address 127.0.0.1 which is a reserved address. The PIX has not been compromised, but is indicating that its dropping these invalid packets.

I suspect that these packets are most likley to originate from an internal mis-configured host, as 127.0.0.0 addresses are supposed to be dropped by ISP routers. Therefore you should not see this address appear on the outisde interface.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
1K
Sameer258
Sameer258
XLNTech1
  • Locked
  • Question Question
iptables port forwarding
Replies
0
Views
842
XLNTech1
XLNTech1
Sparrow4
  • Locked
  • Question Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
1K
Johnkite
Johnkite
Russtoleum
  • Locked
  • Question Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
385
Russtoleum
Russtoleum
sudhakar346
  • Locked
  • Question Question
Cisco ASA inside to DMZ issue over public IP
Replies
2
Views
382
kythri
kythri

Part and Inventory Search

Sponsor

Back
Top