Hi,
I experienced the same thing.
It�s requests from external hosts (from several ISPs dialin hosts) detected
at the internal interface.
The requests in question are always to the dst 224.0.0.2
(ALL-ROUTERS.MCAST.NET) and proto:2.
Does anybody know more about what causes these requests and how to stop
them?
Regards, Harald Albers
>The internal LAN addresses are 192.168.something and the anti-spoofing
>is on.
>The problem is that I had an alert saying that some valid address (not
>one of ours) has been detected on the internal LAN (Antispoof alert).
>This valid address is resolved into an public ISP client.
>Where can this come from ? I forbid the use of modems on the LAN (could
>this be it anyway ?). Could this be a successful intrusion into our
>systems ?
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
