Norton Internet Security 2004 -Angriff von eigener IP?
NIS meldet dauern folgenden Angriff:
Ein Computer mit der folgenden IP-Adresse ...hat Informationen gesendet, die Merkmale eines Invalid UDP-Destination Port_Angriffs aufweisen.
Die IP-Adresse ist aber meine eigene!!!
Die Symantec-site meint dazu folgendes:
Invalid UDP Destination Port
Severity: Low
This attack poses a minor threat. Corrective action may not be possible or is not required.
Attack Category: Suspicious Activity
Anomalous network conditions or traffic patterns. A suspicious activity signature, for example, might detect two systems with identical IP addresses, a condition that indicates an attempted IP spoofing attack.
Description
This attack signature detects packets that have a UDP destination port of 0. 0 is an invalid value for the UDP destination port and must not be used.
Additional Information
Attackers sometime send UDP packets with a destination port of 0 as means of fingerprinting/profiling your operating system.
False Positive
None.
Frage: Was heißt/bedeutet das und wo liegt das Problem?
____________________________________
Sector
|