General discussion

Locked

IP Spoofing

By uofM ·
I've been getting the following in my Firewall log:

2002-12-05 14:35:41 - IP Spoofing - Source:169.254.233.233 ,0,LAN - Destination: 255.255.255.255,0,WAN

I'm wondering if anyone can explain this to me in terms of what someone may be trying todo. This is a log entry from a Netgear SOHO/HOME firewall that does stateful packet inspection.

Thanks in advance.

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

IP Spoofing

by d.walker5 In reply to IP Spoofing

I don't think this is anything to worry about. It arrears that your firewall errored when your machine failed to connect to a the DHCP server. Or, it might have detected a source-routed packet from a hacker. It is poosible for hackers to use source routing to "spoof" IP addresses. Souce routing would allow a hacker to put an allowed address into a packet and capture the return by specifying that reponses be routed back to his/her computer. If this is what happened your Netgear firewall did it'sjob by dropping the source-routed packet. Hope this helps.

Collapse -

IP Spoofing

by uofM In reply to IP Spoofing

Poster rated this answer

Collapse -

IP Spoofing

by uofM In reply to IP Spoofing

This question was closed by the author

Back to Security Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums