Solved

F-Secure reports its receiving tcp 139 with source and destination address  equal vlan interface brodacast address. Any ideas of what can causing this?

Posted on 2008-10-06
1
1,208 Views
Last Modified: 2009-12-16
We quite often receive alarms from F-Secure FW saying its blocking malicious traffic on tcp 137 from source address VLAN/subnet broadcast address. (10.140.XXX.255)  as both source and destination address.
Does anybody know what can be the reason for this and how to find the source?
0
Comment
Question by:Ziggino
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 32

Accepted Solution

by:
harbor235 earned 500 total points
ID: 22648590


Odd, could be an attack, track down the source mac-address to see what switch port this system is connected to. i would have a clser look at this system


harbor235 ;}
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question