|
Posted by Duane Arnold on May 12, 2005, 3:44 am
If you were Registered and logged in, you could reply and use other advanced thread options
rladbury@kittymail.com wrote in news:1115847571.861201.207380
@g49g2000cwa.googlegroups.com:
> I installed Outpost a few days ago. About a couple of times every day,
> it pops up an alert in the system tray, telling me I'm under attack,
> with the site of the attacker, and type of attack - which so far is
> either Teardrop attack or Nestea attack. Today it was 192.1689.1.147
> (teardrop attack). Isn't that a private IP address?? How is that
> possible? I'm behind a router, but that's not even an address on my
> network. Other times, the site was one I was recently or currently on,
> including that of a software publisher. Doesn't it seem odd a software
> publisher would be sitting there issuing a DOS attack against me?!
> Should I presume then that Outpost is giving out false alerts and lying
> to me? What would make it do that, and is this thing really any better
> than Kerio?
>
>
Like any PFW solution, they cry about nothing most of the time. You're
setting behind a NAT router. So how can a machine that has a private LAN
side IP behind the router have a DOS attack from a machine on the Internet
coming through the router ran against it? It cannot happen. I could see
someone saying that if the machine had a direct connection to the Internet
and it doesn't.
The information is flat-out bogus from Outpost, you don't have PFW solution
configured properly for Windows networking behind the router if you have
more than one machine, or another machine on your network 192.168.1.147
which is a private side LAN IP and is running the attack.
But as far as a DOS is happening and it was reaching the machine, the PFW
and the O/S would be very busy stopping the attack. I think you're getting
some bogus information from Outpost you need to ignore or not have Outpost
report it.
Duane :)
| 
XML site map