[Snort-users] (no subject)
radamson at ...2127...
Fri May 31 11:30:04 EDT 2002
There are a lot of ISPs (including Sprint) that do not filter the non-routable
addresses at every router. In some cases, these addresses can carry on a full
session. The default condition for most routers is to allow the routing.
In your case, you might try tracerouting to it (assuming you are not using
those same addresses).
> Snort LAN sensor
> Here is the line from acid :
> DOS MSDTC attempt 22.214.171.124:80 10.0.0.249:3372
> How is this possible? 10.0.0.249 is a proxy machine taht doesn't have public
> ip. How somebody can connect to non-routable ip from the outside world?
> Or should I interpret this line as something else?
More information about the Snort-users