Security Incidents mailing list archives

Re: Source Host 0.0.0.0

From: Dante () WEBCTI COM (Dante Mercurio)
Date: Tue, 4 Jan 2000 17:10:46 -0500


Source 0.0.0.0 usually a BOOTP or DHCP request. Is it coming from the inside
or outside of your firewall? If it is on the inside, then is may be a print
server or something requesting an IP address with no one answering.
-Dante

-----Original Message-----
From: Frederic Ple [mailto:frederic.ple () MAIL DOTCOM FR]
Sent: Tuesday, January 04, 2000 3:11 AM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Source Host 0.0.0.0

I am seeing alot of synfloods occuring from source ip
0.0.0.0 from my intrusion detection system.


Same for me.
My ISS Realsecure show me it happens especially between proxy servers and
internet web servers.
I have to check that

Current thread:

Re: Source Host 0.0.0.0 Frederic Ple (Jan 04)
- <Possible follow-ups>
- Re: Source Host 0.0.0.0 Dante Mercurio (Jan 04)
  - Re: Source Host 0.0.0.0 Grzegorz Janoszka (Jan 06)
- Re: Source Host 0.0.0.0 Chuck Phillips (Jan 06)