[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.

08/30/2006 at 07:28AM PDT, ID: 21972547
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

8.2

Sonicwall reports numerous spoofs and packets dropped/slow internet connectivity

Tags:

spoof, dropped, sonicwall, ip

The log file on our firewall is showing a log of dropped packets and spoofs, much of which appears to be generated from internal ip addresses, the internal ips are 199.29.166.xxx (see extract below); is this an indication of virus/spyware activity on our network?  We're seeing occassional slow down of internet access which led me to check these logs in the first place.  Any suggestion would be greatly appreciated.

08/30/2006 13:46:11.224 UDP packet dropped 202.97.238.205, 54972, WAN 193.120.102.237, 1026, WAN    
08/30/2006 13:44:16.704 IP spoof dropped 199.29.166.135, 137, LAN 199.29.166.175, 137, OPT MAC address: 00.0D.9D.D3.7D.A0  
08/30/2006 13:44:12.256 UDP packet dropped 202.97.238.132, 40530, WAN 193.120.102.237, 1026, WAN    
08/30/2006 13:43:16.176 IP spoof dropped 199.29.166.134, 137, LAN 199.29.166.201, 137, OPT MAC address: 00.0F.1F.46.50.8B  
08/30/2006 13:43:08.016 UDP packet dropped 221.208.208.91, 59156, WAN 193.120.102.237, 1026, WAN    
08/30/2006 13:41:35.304 IP spoof dropped 199.29.166.100, 137, LAN 199.29.166.201, 137, OPT MAC address: 00.04.76.8E.0F.EB  
08/30/2006 13:40:27.864 IP spoof dropped 199.29.166.111, 137, LAN 199.29.166.102, 137, OPT MAC address: 00.50.DA.DF.0C.C5  
08/30/2006 13:36:31.576 UDP packet dropped 171.82.233.132, 45604, WAN 193.120.102.237, 1025, WAN    
08/30/2006 13:35:36.144 IP spoof dropped 199.29.166.132, 137, LAN 199.29.166.106, 137, OPT MAC address: 00.0B.CD.B2.38.F0  
08/30/2006 13:34:19.160 IP spoof dropped 199.29.166.100, 137, LAN 199.29.166.247, 137, OPT MAC address: 00.04.76.8E.0F.EB  
08/30/2006 13:32:47.176 IP spoof dropped 199.29.166.102, 137, LAN 199.29.166.100, 137, OPT MAC address: 00.E0.18.C3.0E.F4  
08/30/2006 13:32:17.688 ICMP packet dropped 24.31.153.21, 3, WAN 193.120.102.237, 3, WAN Dest Unreachable, Code: 3
Sign up now to view this solution
Question Stats
Zone: Security
Question Asked By: spower22
Solution Provided By: jancoulson
Participating Experts: 2
Solution Grade: A
Views: 294
Loading Advertisement...
08/30/06 02:48 PM, ID: 17424463

Rank: Master

All comments and solutions are available to Premium Service Members only. Sign-up to view the solution to this question.

Already a member? Login to view this solution.

 
08/31/06 02:10 AM, ID: 17427411

All comments and solutions are available to Premium Service Members only. Sign-up to view the solution to this question.

Already a member? Login to view this solution.

 
 
Loading Advertisement...
20080206-EE-VQP-25