Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Ip spoof from 0.0.0.0

From: Paul Gillingwater <paul () lanifex com>
Date: Wed, 06 Nov 2002 20:08:45 +0100 (CET)
Quoting Frank Cheong <chocobofrank () hotmail com>:

o yes, I also get these kind of attack these few days while some of them 
leaving a MAC Address 00.30.B6.D0.3C.EC so what can I do to stop these 
attack now ? As all I got is only a MAC address.


There\'s not much you can do.  The MAC address is most likely coming from
your router, not the remote attacker.  The best you could do is ask your
upstream ISP to filter outgoing traffic to drop IP packets with invalid
source addresses like 0.0.0.0.

*********************************
 Paul Gillingwater, BA, BSc, MBA
        Managing Director
 CSO Lanifex Unternehmensberatung 
 & Softwareentwicklung G.m.b.H.
      NEW BUSINESS CONCEPTS

E-mail:  paul () lanifex com
Tel:     +43(1)2198222-20
Fax:     +43(1)2198222-11
Mobile:  +43(699)1922 3085
Webhome: http://www.lanifex.com/
Address: Praterstrasse 60/1/2 
         A-1020 Vienna, Austria
*********************************

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: