-
Spoof Attack
I was checking my SonicWall log, and this turned up:
05/03/2004 18:07:28.048 FTP: PASV response spoof attack dropped
Source: 192.165.218.22, 21, WAN
Destination: 192.168.1.33, 3443, LAN
So what appears to be going on here? Is someone trying to spoof me?
-
is just ur firewall alerting u that an attack was detect and defeated. i advise u to ignore, since there are tons of attacks per second and its is impossible to seek out each one (except maybe is it is reocurring)
-
Here is a great resource. Should answer all of your questions.
http://www.sonicwall.com/services/pd...events_ref.pdf
*IP Spoof Detected - A packet with a source IP address and arriving at an interface that conflicts with the SonicWALL route table was detected and rejected by the SonicWALL.
-
Don't fret unless you can put it together with other attacks, false positives are a dime a dozen.
-
Don't fret unless you can put it together with other attacks, false positives are a dime a dozen.
-
Thanks InfoTech, that's exactly what I needed.
Well, it turns out it was our other tech guru who was the FTP that was blocked out, so all is well. That was a good lesson in log analysis nonetheless.
-
Thanks InfoTech, that's exactly what I needed.
Well, it turns out it was our other tech guru who was the FTP that was blocked out, so all is well. That was a good lesson in log analysis nonetheless.