Results 1 to 6 of 6

Thread: Packet from 0.1.0.1?

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

September 4th, 2004, 06:51 PM #1
cgkanchi

View Profile

View Forum Posts

Visit Homepage
Antionline Herpetologist

Join Date

Aug 2001

Posts

1,165
Packet from 0.1.0.1?

This is what my firewall log shows (Kerio Personal Firewall 4). Note the raddr (remote address) parameter. It says 0.1.0.1

[04/Sep/2004 22:25:57] "Ids" action = permitted, raddr = 0.1.0.1, msg = '"BAD-TRAFFIC 0 ttl"', url = 'http://support.microsoft.com/default.aspx?scid=kb\;EN-US\;q138268', direc = in, class = 'misc-activity', priority = low

Now, I would tend to think that this is a spoofed packet. I'd also be worried that it was permitted by my newly installed firewall. Looks like I need to start tightening my ruleset a little bit.
Any opinions?

Cheers,
cgkanchi

Buy the Snakes of India book, support research and education (sorry the website has been discontinued)
My blog: http://biology000.blogspot.com
Reply With Quote

Quick Navigation Network Security Discussions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: Packet from 0.1.0.1?

Thread Tools

Display

Threaded View

Packet from 0.1.0.1?

Posting Permissions