Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
(ASCEND) Our IP Spoofed a MAX ... !
Hello,
Well maybe not spoofing *BUT*.
I noticed some connectivity problems to one of our MAXes with SNMP. I
telnet'ed to the MAX and did a "show users". Which showed this
I 245348133 2:20 7:11 26400 MP[0] 204.120.80.167 mcar
I 245348124
2:23 4:2 28800 MP[0] 204.120.80.161 geme
< a bunch more IP's and
then >
I 245348028 1:17 3:4 26400 MP[0] 205.164.157.2 mkm
This is the IP address of one of our servers < 205.164.157.2 >, I suspect
this user is playing some sort of spoofing game which is not a good thing.
Is there a way to deny the max from accepting a connection from certain IP
addresses within our Network ?
Our boarder routers are configured not to allow traffic that originates
outside of our network with IP's of our network ( anti-spoofing ) but what
about this sort of attack where someone logs in with an IP of a server on
the network ?
Any insight here greatly appreciated.
Regards,
Bill Hamel
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
Follow-Ups: