Tom's Hardware > Forum > General Networking > Firewall > Rule 'TCP ack packet attack': Blocked: In TCP?

Rule 'TCP ack packet attack': Blocked: In TCP?

Forum General Networking : Firewall - Rule 'TCP ack packet attack': Blocked: In TCP?

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
Anonymous   05-09-2004 at 01:02:21 AM

Archived from groups: comp.security.firewalls (More info?)

 

Here are some records (from a lot) from my Kerio 2.1.5:
"
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1130, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1131, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1087, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1088, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1089, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1090, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1091, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1092, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1094, Owner: no owner
Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
[204.179.240.10:80]->localhost:1093, Owner: no owner
"
etc. etc.
What do 'quote-2c.bloomberg.com' trying to achieve?
Thanks for any education.

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   05-14-2004 at 08:34:07 PM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

"Dr. Pastor" <elpX@adsihqX.com> wrote in
news:19anc.12455$Hs1.11783@newsread2.news.pas.earthlink.net:

> Here are some records (from a lot) from my Kerio 2.1.5:
> "
> Rule 'TCP ack packet attack': Blocked: In TCP, quote-2c.bloomberg.com
> [204.179.240.10:80]->localhost:1130, Owner: no owner
<snipped>
> etc. etc.
> What do 'quote-2c.bloomberg.com' trying to achieve?
> Thanks for any education.
>

In Kerio, logging suspicious packets in Advanced > Miscellaneous view will
generate the "ack" packets logs.

See:
http://www.dslreports.com/forum/re [...] ~mode=flat

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > Firewall > Rule 'TCP ack packet attack': Blocked: In TCP?
Go to:

There are 910 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.176 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?