Endpoint Protection

 View Only
  • 1.  Denial of Service "IP Fragmentation Overlap" attack detected.

    Posted Jan 21, 2012 01:13 AM

    ok so at 1:50 today a lot of machines in our company get kicked off the network.  All of our IP phones rebooted.  Then an even weirder thing occurred when all versions of Outlook 2010 now have the box checked under delay delivery till 1/20/2012 at 5pm.  I am not sure if this was happened when the netowkr went crazy.  I looked on one of my servers and found this in the log.

     

     
    6 1/20/2012 1:49:12 PM Denial of Service Major Incoming UDP 192.168.1.2 00-1E-C9-34-35-91 228.1.2.4 01-00-5E-01-02-04 user CIC Default 1 1/20/2012 1:49:00 PM 1/20/2012 1:49:00 PM Denial of Service "IP Fragmentation Overlap" attack detected.
     
    Now the incoming UDP fo 192.168.1.2 is the IP of ther server i took this from  in the SEP log.  I am not sure what 228.1.2.4 is either.  What should my next step be to ensure i am not DOSing my whole lan again.  Thanks.  


  • 2.  RE: Denial of Service "IP Fragmentation Overlap" attack detected.

    Posted Jan 21, 2012 03:38 AM