Pix anti spoofing problem

Posted on 2008-02-06
Medium Priority
Last Modified: 2008-08-18
I've got a weird thing going on between my Pix and Windows servers...

I have netbios enabled on my servers as a few of the software running on them is using netbios names to access certain files.. What happends is that the servers do a Netbios name request on the broadcast address x.x.x.255 which then my Pix intercepts and see's it as a spoofing attack..

Not a bad thing in general but my pix logs are filling up with deny udp reverse path check from x.x.x.x to x.x.x.255 on interface outside messages.. Which is pretty annoying.. Is there some way to get around this??

I have anti spoofing enabled on both interfaces inside and outside.. Disabling this on the interface outside stops these messages but I think is not a good idea to do..

My servers are on interface inside and my connection is on outside..

Any suggestions are welcome.

Question by:ro8inmorgan

Accepted Solution

kmotaweh earned 1000 total points
ID: 20831439
it's not bad to stop it on the internal interface and i think this not the best practise also to enable it on the internal interface

Author Comment

ID: 20831476
Ok I disabled the anti spoofing on the internal interface.. But the deny udp messages still come in my Pix log as their on the outside interface coming from my servers sitting on the inside interface..

Featured Post

The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Just after setting up Cloud PBX connectivity and migrated Skype users to SFBO, we noticed inbound calls not working but outbound calls would work.
OnPage has always empowered IT teams but also amplify alerting capabilities. In the following slides you will see 5 features of OnPage that act as important tools for any IT team to resolve incidents faster
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question