RE: Bogus DNS traffic
From: Christopher L. Morrow (chris_at_UU.NET)
Date: 10/23/03
- Previous message: Robert Lowe: "Re: Bogus DNS traffic"
- In reply to: David Gillett: "RE: Bogus DNS traffic"
- Next in thread: Brian Collins: "Re: Bogus DNS traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 23 Oct 2003 15:49:16 +0000 (GMT) To: David Gillett <gillettdavid@fhda.edu>
On Wed, 22 Oct 2003, David Gillett wrote:
> The malformation looks like a match. Since I'd only seen one
> random packet from each of a bunch of random source addresses,
> I was assuming the source was probably spoofed; this sounds like
> it might not be.
> (The MAC address that I reported as an internal server turns
> out to be the nearest internal ROUTER. So I don't know if the
> origin is internal to our network after all.)
MAC addresses are always local, their significance is lost beyond the
subnet boundary.
---------------------------------------------------------------------------
FREE Whitepaper: Better Management for Network Security
Looking for a better way to manage your IP security?
Learn how Solsoft can help you:
- Ensure robust IP security through policy-based management
- Make firewall, VPN, and NAT rules interoperable across heterogeneous
networks
- Quickly respond to network events from a central console
Download our FREE whitepaper at:
http://www.securityfocus.com/sponsor/Solsoft_incidents_031015
----------------------------------------------------------------------------
- Previous message: Robert Lowe: "Re: Bogus DNS traffic"
- In reply to: David Gillett: "RE: Bogus DNS traffic"
- Next in thread: Brian Collins: "Re: Bogus DNS traffic"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
