Snort mailing list archives

RE: loopback traffic

From: "Bob Sukovich" <bob () hightowersecurity com>
Date: Wed, 19 May 2004 14:41:01 -0700

This message;

106016: Deny IP spoof from (127.0.0.1) to static on interface outside

has appeared with regular frequency over the past few days. It seems to
be prodding at all the addresses on the outside of the pix. In addition
there has been some apparent malicious/recon activity inside the pix
sourced from a user who uses a MS VPN endpoint inside the pix. 

Robert E. Sukovich
Senior Network Security Engineer
CISSP /CCNA  
714.393.1461




-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id149&alloc_id66&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

Loopback traffic Rodrigo B. Ramos (Apr 23)
- RE: Loopback traffic Chuck Holley (Apr 23)
  - RE: Loopback traffic Matt Kettler (Apr 26)
- <Possible follow-ups>
- loopback traffic Security Personnel (May 19)
  - Re: loopback traffic Matt Kettler (May 19)
    - Re: loopback traffic James Riden (May 19)
  - Re: loopback traffic Security Personnel (May 19)
- RE: loopback traffic Bob Sukovich (May 20)