Our syslogs recently started showing a specific spoof getting dropped by one of our main firewalls, an ASA.
"Deny IP spoof from (0.0.4.0) to <removed public ip>on interface outside"
While no harm is done since the traffic is dropped, i still wonder... It has been going on for quite a while now and with a frequency of maybe 40 or 50 times a minute i figure its not going to stop any time soon.
thanks. Yeah i did, its just my curious nature i guess that makes me want to investigate further. Has anyone ever followed up on something like this by maybe contacting the provider? Would that do any good?
yeah but the source address in this case is a special use address apparantly 0.0.4.0. Here is a snippet from the whois i pulled off of it:
Comment: The address 0.0.0.0 may only be used as the address of an outgoing packet when a computer is learning which IP address it should use. It is never used as a destination address. Addresses starting with "0." are sometimes used for broadcasts to directly connected devices.
So unless my ISP has added a new (and seriously misconfigured) device somewhere, i wont be getting anywhere with that. And if this isnt from me ISP how does that kind of traffic even get across the internet?
Dont anybody past my rented black fiber filter traffic in anyway? Would an ISP allow a customer to initiate traffic not sourced from that customers own ip address / range?
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :