we are experiencing an IP-spoofing attack. We have a PIX 515 with 6 interfaces. On the intern interface we receive such error message:
PIX-1-106021: Deny udp reverse path check from 126.96.36.199 to 188.8.131.52 on interface intern
the Unicast RPF is configured on all interfaces.
Is this truely an attack? If yes, is there a chance to identify the MAC address of this IP? With other word, how can I identify the attacker?