作者 主題: [問題]請問如何tracert到偽裝的ip ?  (閱讀 7433 次)

0 會員 與 1 訪客 正在閱讀本文。

damon

  • 管理員
  • 俺是博士!
  • *****
  • 文章數: 4227
    • 檢視個人資料
    • http://blog.damon.tw/
[問題]請問如何tracert到偽裝的ip ?
« 於: 2002-07-25 10:45 »
各位好,小弟的fire wall最近每天都會看到一個訊息
07/25/2002 10:11:54.928 -
IP spoof detected -    Source:167.116.185.70, 137, LAN - Destination:168.95.1.1, 53, WAN - MAC address: 00.05.5D.E4.F4.A4 -

小弟的fire wall是用硬體的fire wall,看了一下說明中的ip spoof
IP Spoof
An IP Spoof is an intrusion attempt in which a hacker attempts to send TCP/IP packets using the address of another computer. This can be used to access a protected network by using an IP address of a machine on the protected network. The SonicWALL recognizes this as an intrusion attempt and drops these packets. An IP spoof alert on the log often indicates a SonicWALL misconfiguration; if you see an IP spoof alert, make sure that all IP addresses on the LAN, WAN, and DMZ are correct. This can also occur if an IP address on the LAN does not fall within the LAN subnet.

應該是有人企圖用偽裝的ip透過小弟的機器來攻擊168.95.1.1
可是tracert這個ip 167.116.185.70到seednet(小弟公司使用的ISP)之後就斷了
C:\>tracert 167.116.185.70

Tracing route to 167.116.185.70 over a maximum of 30 hops

  1    10 ms   <10 ms   <10 ms  h102-203-73-246.seed.net.tw    
                                              [203.73.246.102]
  2    40 ms    50 ms    50 ms  172.28.7.29
  3    40 ms    50 ms    50 ms  sh39-62.seed.net.tw [139.175.39.62]
  4     *        *        *     Request timed out.
  5     *        *        *     Request timed out.
  6     *        *        *     Request timed out.
  7     *        *        *     Request timed out.
  8     *        *        *     Request timed out.
  9     *        *        *     Request timed out.
 10     *        *        *     Request timed out.
 11     *        *        *     Request timed out.
 12     *        *        *     Request timed out.
 13     *        *        *     Request timed out.
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.
 16     *        *        *     Request timed out.
 17     *        *        *     Request timed out.
 18     *        *        *     Request timed out.
 19     *        *        *     Request timed out.
 20     *        *        *     Request timed out.
 21     *        *        *     Request timed out.
 22     *        *        *     Request timed out.
 23     *        *        *     Request timed out.
 24     *        *        *     Request timed out.
 25     *        *        *     Request timed out.
 26     *        *        *     Request timed out.
 27     *        *        *     Request timed out.
 28     *        *        *     Request timed out.
 29     *        *        *     Request timed out.
 30     *        *        *     Request timed out.

Trace complete.

請問各位先進有什麼方法可以預防嗎?