Syn flood to host from inside the network
Posted on 2007-03-28
I've had a look at other questions relating to this but cannot see anything specific to my problem, so I'm hoping you can shed some light on it.
This is the content of the alert message from my router:
Time: 03/28/2007, 12:36:55
Message: SYN Flood to Host
Source: 192.168.1.103, 2210
Destination:22.214.171.124, 80 (from ATM1 Outbound)
As you will see, the source purports to be an IP adress within our network. How is this possible & what does it mean for our security?
Is it possible that this could be triggered by the machine with that IP visiting a particular website?