Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Understanding Land-Attack

Hi,

I had a few messages logged in my firewall as

%PIX-2-106017: Deny IP due to Land Attack from x.x.x.x to x.x.x.x

I want to understand that how did these packets managed to get to our firewall, when the destination address of the packet is equal to the source address (thus the Land Attack) and they "Don't" belong to our address space (which is y.y.y.y) ?

Our firewall is protected by the Perimeter router, which only lets packet with destination address equal to our Address space.

\\ Naman

3 REPLIES

Re: Understanding Land-Attack

Maybe someone at the inside trying to attack the machine at y.y.y.y?

Kind Regards,

Tom

New Member

Re: Understanding Land-Attack

I really doubt that it was from some inside machine. As firewall's outside interface is in Dirty DMZ. There are no Servers in that Subnet.

Also our perimeter router is set to drop packets with "source-route" option.

\\ Naman

Gold

Re: Understanding Land-Attack

Hi,

Have you tried to debug the IP Packet ?

Jay

449
Views
0
Helpful
3
Replies
CreatePlease to create content