Is it possible for someone over a network to use my loopback to by pass my firewall? If so what can i do to mitigate the problem and how damageing can it be?
The reason im asking is my Snort sytem is showing badd loopback traffic.. thanks here is a snipit from my snort logs. [**] [1:528:2] BAD TRAFFIC loopback traffic [**] [Classification: Potentially Bad Traffic] [Priority: 2] 01/12-14:10:11.568007 45.253.14.97:49847 -> 127.167.228.85:5460 TCP TTL:64 TOS:0x0 ID:37583 IpLen:20 DgmLen:40 ******S* Seq: 0x3F4BB00A Ack: 0x0 Win: 0x200 TcpLen: 20 Thanks Craig
msg02936/pgp00000.pgp
Description: PGP signature