Crystal Report Viewer

Possible Attacks Report

Total Traffic in KBytes‎: ‎

Generation Date‎:‎

Page 1 of 1

Possible Attacks Report

10/10/2006

EventID‎

Explanation‎

Action‎

PIX-1-106021

256

Count‎:‎

Someone is attempting to spoof an IP ‎

address on an inbound connection‎. ‎

Unicast Reverse Path Forwarding, also ‎

known as reverse route lookup, detected ‎

a packet that does not have a source ‎

address represented by a route and ‎

assumes it to be part of an attack on your ‎

PIX Firewall‎.‎

This message appears when you have enabled ‎

Unicast Reverse Path Forwarding with the ip ‎

verify reverse‎-‎path command‎. ‎This feature ‎

works on packets input to an interface; if it is ‎

configured on the outside, then PIX Firewall ‎

checks packets arriving from the outside‎. ‎An ‎

attack is in progress‎. ‎With this feature enabled, ‎

no user action is required‎. ‎PIX Firewall repels ‎

the attack‎.‎

Deny protocol reverse path check from ‎

_addr to dest_addr on interface int_name‎

Message‎:‎

PIX-2-106016

Count‎:‎

This message is logged when the PIX ‎

Firewall discards a packet with an invalid ‎

source address‎.‎

Determine if an external user is trying to ‎

compromise the protected network‎. ‎Check for ‎

misconfigured clients‎.‎

Deny IP spoof from ‎(‎IP_addr‎) ‎to IP_addr on ‎

interface int_name‎

Message‎:‎