Good afternoon:
I have a Cisco IPS 4240 sensor. This appliance is generating alerts with the network 0.0.0.0 as attacker and victim.
Example:
Severity informational
Application Name sensorApp
Event Time 02/20/2009 12:26:19
Sensor Local Time 01/20/2009 12:26:19
Signature ID 1330
Signature Sub-ID 16
Signature Name TCP Drop - PAWS check failed
Signature Version S248
Signature Details TCP Packet segment failed PAWS check
Attacker IP 0.0.0.0
Target IP 0.0.0.0
Target Port 0
Target Locality OUT
Someone can tell me. What can say this.
Thank's in advanced.