Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
275
Views
0
Helpful
1
Replies

LAND Attack on my Pix !!!

kunal.shandil
Level 1
Level 1

‎01-11-2008 06:28 PM - edited ‎03-11-2019 04:47 AM

Hi all,

Today when i saw my syslog i found a lots of strange and similar log mssg on my pix 525 (v7.29(1)) the error mssg is attached however i changed a little details in that jst for security reasons.

LAND attacks seems to happen when a spoofed packet with the SYN flag set comes from a host, with Source ip/port is same as Destination ip/port.

This is highly unlikely in my environment as we have another internal firewall and machines are properly patched.

This PAT config is wht i found on my PIX:-

FW525# sh run | inc PAT_Some_Project name 144.X.Y.Z PAT_Some_Project

global (Outside) 9 PAT_Some_Project netmask 255.255.0.0

FW525#

The netmask shud be /32 I think.

Any suggestions wht is happening here.

regards

Kunal

Labels:
Preview file
1 KB
0 Helpful
1 Reply 1

kunal.shandil
Level 1
Level 1

‎01-13-2008 12:25 AM

Senior Members any comments ??

regrds

Kunal

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card