Ascend Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: (ASCEND) Our IP Spoofed a MAX ... !
On Sat, 25 Oct 1997, Bill Hamel wrote:
> Hello,
>
> Well maybe not spoofing *BUT*.
>
> I noticed some connectivity problems to one of our MAXes with SNMP. I
> telnet'ed to the MAX and did a "show users". Which showed this
>
> I 245348133 2:20 7:11 26400 MP[0] 204.120.80.167 mcar
> I 245348124
> 2:23 4:2 28800 MP[0] 204.120.80.161 geme
> < a bunch more IP's and
> then >
> I 245348028 1:17 3:4 26400 MP[0] 205.164.157.2 mkm
If this is your DNS server by chance? Then you may want to ensure
that you have POOL ONLY set to yes , under Wan Options. Users
make this mistake a lot, They put the DNS server under I.P. Addresses
and if you don't have that option selected then BAMM he takes the
I.P. address of your server
Jason
>
> This is the IP address of one of our servers < 205.164.157.2 >, I suspect
> this user is playing some sort of spoofing game which is not a good thing.
>
> Is there a way to deny the max from accepting a connection from certain IP
> addresses within our Network ?
>
> Our boarder routers are configured not to allow traffic that originates
> outside of our network with IP's of our network ( anti-spoofing ) but what
> about this sort of attack where someone logs in with an IP of a server on
> the network ?
>
> Any insight here greatly appreciated.
>
> Regards,
> Bill Hamel
>
>
>
>
> ++ Ascend Users Mailing List ++
> To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
> To get FAQ'd: <http://www.nealis.net/ascend/faq>
>
++ Ascend Users Mailing List ++
To unsubscribe: send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd: <http://www.nealis.net/ascend/faq>
References: