I've been seeing random spoofing for months. As long as your rules prevent it, I wouldn't sweat it too much. The fact that you know what spoofing is, and your firewall is dropping spoofed packets puts you ahead in the spoofing game.
> -----Original Message----- > From: Deon Grobler [mailto:[EMAIL PROTECTED]] > Sent: Thursday, October 18, 2001 1:44 PM > To: [EMAIL PROTECTED] > Subject: IPspoof in firewall logs > > > Hiya guys > > I am getting this in my firewall logs which have been lasting > for around 2 > days now and can't seem to get anymore info on it. I am > using a sonicwall > firewall. Can anyone possibly help me find out how to solve > this problem? > > 10/18/2001 11:53:18.240 - IP spoof detected - > Source:10.2.0.4, 137, LAN - > Destination:63.102.226.36, 137, WAN - MAC address: > 00.B0.D0.F3.6F.4A - > > thanks > > Deon Grobler - Systems Engineer > [EMAIL PROTECTED] > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > Bluewave USA Inc. - Online Creations > http://www.bluewave.com/ > Tel. +1 (212) 509 1520 x240 > 110 Wall Street, 10th Floor > New York, NY 10005. USA > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >
