Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

I am getting this error in PIX syslog...

2002-05-12 18:03:44 Local4.Critical 192.168.1.1 %PIX-2-106017: Deny IP due to Land Attack from 10.1.1.10 to 10.1.1.10

What might be causing this?

2 REPLIES
New Member

Re: I am getting this error in PIX syslog...

I took this from:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/syslog/pixemapa.htm

%PIX-2-106017: Deny IP due to Land Attack from IP_addr to IP_addr

Explanation This message appears when PIX Firewall receives a packet with the IP source address equal to the IP destination and the destination port equal to the source port. This indicates a spoofed packet designed to attack systems. This attack is referred to as a Land Attack.

Action If this message persists, an attack may be in progress. The packet does not provide enough information to determine where the attack originates

New Member

Re: I am getting this error in PIX syslog...

I thought that was strange because 10.1.1.10 is part of my VPN pool and I was not sure if I had configured the PIX correctly. Thanks!

103
Views
0
Helpful
2
Replies
CreatePlease login to create content