09-18-2010
Firewall on Teardrop Attack!!!
Hi, I am new in managing firewalls though I had significant experience with IP Networking already. I had just encountered time and time again a "Teardrop Attack!" on my firewall logs. Can anybody advise me on what to do or what to check about this message. Searching over the internet does not give me any significant remedy.
Thanking in advance.
7 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
since putting my pc online, it keeps getting slower and i dig the logfile to have such a surprise:
this is just one of a many and I beleived it's a bruteforce attack
how do i block this IP 200.41.81.228 from trying to knock my online pc?
my system:
FreeBSD testing.net 6.2-STABLE-JE... (6 Replies)
Discussion started by: rdns
6 Replies
2. Cybersecurity
REPLAY ATTACK.
Can some one elobrate on measures to encounter this problem of replay atack on network. (3 Replies)
Discussion started by: Ashvin Gaur
3 Replies
3. Cybersecurity
About 3 days ago our Apache logs started filling with the following errors:
mod_ssl: SSL handshake failed (server <weberver>:443, client 41.235.234.172) (OpenSSL library error follows)
OpenSSL: error:1408A0B7:SSL routines:SSL3_GET_CLIENT_HELLO:no ciphers specified
These initially were... (1 Reply)
Discussion started by: ccj4467
1 Replies
4. Cybersecurity
Hi,
I have a belkin router installed and a look at the security log has got me worried a little bit.
Security log:
Fri Jan 29 20:41:46 2010
=>Found attack from 68.147.232.199.
Source port is 58591 and destination port is 12426 which use the TCP protocol.
Fri Jan 29 20:41:46 2010 ... (1 Reply)
Discussion started by: jld
1 Replies
5. Cybersecurity
In my logs I find entries about attacks on my system. I know IP addresses, I know date and time and I know what they tried to do. So what's the best I can do now? Tell everybody that there are cybercriminals on that network? Write an email to their admin? Anything else? (10 Replies)
Discussion started by: Action
10 Replies
6. Cybersecurity
Is this an attack attempt? I got an e-mail from 'uucp Admin' last night and again this morning:
What does it mean and what can I do about it? Thanks (4 Replies)
Discussion started by: ctafret
4 Replies
7. Emergency UNIX and Linux Support
Dear community,
my site was recently attacjed by DDOS technique and goes down in a few minutes. My site runs under Debian/Apache2/Mysql.
I identified the IPs who attack me and block it through iptable firewall from debian.
Something like:
iptables -D INPUT -s xxx.xxx.xxx.xxx -j DROP
This... (7 Replies)
Discussion started by: Lord Spectre
7 Replies
LEARN ABOUT DEBIAN
fwb_iosacl
fwb_pix(1) Firewall Builder fwb_pix(1)
NAME
fwb_ipt - Policy compiler for Cisco IOS ACL
SYNOPSIS
fwb_iosacl [-vV] [-d wdir] [-4] [-6] [-i] -f data_file.xml object_name
DESCRIPTION
fwb_iosacl is firewall policy compiler component of Firewall Builder (see fwbuilder(1)). Compiler reads objects definitions and firewall
description from the data file specified with "-f" option and generates resultant Cisco IOS ACL configuration file. The configuration is
written to the file with the name the same as the name of the firewall object, plus extension ".fw". Compiler generates extended access
lists for Cisco routers running IOS v12.x using "ip access-list <name>" syntax. Compiler also generates "ip access-group" commands to
assign access lists to interfaces. Generated ACL configuration can be uploaded to the router manually or using built-in installer in the
fwbuilder(1) GUI.
The data file and the name of the firewall objects must be specified on the command line. Other command line parameters are optional.
OPTIONS
-4 Generate iptables script for IPv4 part of the policy. If any rules of the firewall refer to IPv6 addresses, compiler will skip these
rules. Options "-4" and "-6" are exclusive. If neither option is used, compiler tries to generate both parts of the script,
although generation of the IPv6 part is controlled by the option "Enable IPv6 support" in the "IPv6" tab of the firewall object
advanced settings dialog. This option is off by default.
-6 Generate iptables script for IPv6 part of the policy. If any rules of the firewall refer to IPv6 addresses, compiler will skip these
rules.
-f FILE
Specify the name of the data file to be processed.
-d wdir
Specify working directory. Compiler creates file with ACL configuration in this directory. If this parameter is missing, then gen-
erated ACL will be placed in the current working directory.
-v Be verbose: compiler prints diagnostic messages when it works.
-V Print version number and quit.
-i When this option is present, the last argument on the command line is supposed to be firewall object ID rather than its name
URL
Firewall Builder home page is located at the following URL: http://www.fwbuilder.org/
BUGS
Please report bugs using bug tracking system on SourceForge:
http://sourceforge.net/tracker/?group_id=5314&atid=105314
SEE ALSO
fwbuilder(1), fwb_pix(1), fwb_ipfw(1), fwb_ipf(1), fwb_ipt(1) fwb_pf(1)
FWB
fwb_pix(1)