Cisco PIX land attack

ciscocisco-pix

I am continouly getting errors log Deny IP due to Land Attack from IP to IP.

Both source and destination IP address are same.

Can any one please guide me what could be the issue and how I can fix this?

Best Answer

The Land Attack spoofs the source and destination IP to be the same basically causing the machine to continuously reply to itself causing a DOS. It's a pretty old attack and most OS's are now patched to not be vulnerable to this.

In this case I think your PIX is doing what it's supposed to and dropping the traffic. I don't think you have anything to worry about.

Related Solutions

Cisco – Moving a PIX config from one device to another

If it's running PIX 6.x software or earlier, you have to do it the old-fashioned way: copy and paste. PIX 6.x and earlier will let you write net to copy to TFTP, but the copy command has no way to pull it back in from TFTP. You'll need to copy and paste the configuration into a console, telnet, or SSH session.

If it's a 515 or higher running 7.x or 8.x, you can use the copy command as you would with IOS:

copy tftp://ip.or.host.here/config-file startup-config

Then reboot the PIX for it to load the saved config.

Cisco PIX 501 firewall configuration

This is a home network, so not ServerFault related.

Anyways, try https://10.1.1.1 from your laptop.

Best Answer

Related Solutions

Cisco – Moving a PIX config from one device to another

Cisco PIX 501 firewall configuration

Related Topic