RE: Spoofing (?) error

[Christopher Congdon]

The only reason I don’t think that’s the case is that fact that everything else works right. The Spoofing errors only show up for port 53 requests. According to the log entry below, it almost looks like the GnatBox itself is trying to make a DNS request internally then is being surprised when the request shows up on its EXT interface.   -----Original Message----- From: Danny H. Cox [mailto:[EMAIL PROTECTED]] Sent: Friday, November 02, 2001 19:21 To: Christopher Congdon Subject: RE: Spoofing (?) error   Looks like you have the Pro and DMZ (or PSN) cables backwards.   Danny -----Original Message----- From: Christopher Congdon [mailto:[EMAIL PROTECTED]] Sent: Friday, November 02, 2001 11:37 AM To: [EMAIL PROTECTED] Subject: Spoofing (?) error I’ve been getting a series of alarms like this one from the GnatBox Light I installed at my father’s home.   192.168.1.1 is the PRO interface on his GnatBox. 63.94.115.62 is a DNS server on my network behind a GnatBox Flash. I’m wondering if I have configured something incorrectly in the GB Light. Any suggestions on what to look at?     ALARM NO: 3             DATE: Fri 2001-11-02 14:26:34        INTERFACE: PROTECTED (xl0)   INTERFACE TYPE: Protected       ALARM TYPE: Possible spoof        IP PACKET: UDP  [192.168.1.1/137]-->[63.94.115.62/53]  l=49       DETAILED DESCRIPTION:         Return interface for IP packet is different than arrival.         Thanks, Christopher