comp.security.firewalls archive
Re: Intrusion Attack
From: Ansgar -59cobalt- Wiechers <usenet-2006@planetcobalt.net>
Date: Wed Apr 12 2006 - 16:11:43 CEST
Date: Wed Apr 12 2006 - 16:11:43 CEST
james wrote:
> Details: Attempted Intrusion "MS ASN1 Integer Overflow TCP" against
> your machine was detected and blocked.
> Intruder: 10.19.114.206(2801).
This is probably a spoofed address. Block all private address ranges
(10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, probably 169.254.0.0/16 as
well) on your border router.
cu
59cobalt
-- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on BugtraqReceived on Mon May 1 01:06:36 2006