Hi Gurus,

How can I solve LAND ATTACK?

Can I bypass this attack in PIX 515E?

Regards,

Choosak B.

2005-03-10 14:08:26 Local4.Info 203.101.1.9 Mar 10 2005 14:02:20: %PIX-6-106100: access-list acl_allowall permitted tcp outside/202.44.1.1(42954) -> inside/203.101.10.67(3308) hit-cnt 1 (first hit)

2005-03-10 14:08:26 Local4.Info 203.101.1.9 Mar 10 2005 14:02:20: %PIX-6-302013: Built inbound TCP connection 1256417 for outside:202.44.1.1/42954 (202.44.1.1/42954) to inside:192.168.10.67/3308 (203.101.10.67/3308)

2005-03-10 14:08:36 Local4.Info 203.101.1.9 Mar 10 2005 14:02:30: %PIX-6-302013: Built outbound TCP connection 1256426 for outside:203.101.10.67/3308 (203.101.10.67/3308) to inside:192.168.10.67/60687 (203.101.10.67/60687)

2005-03-10 14:08:36 Local4.Critical 203.101.1.9 Mar 10 2005 14:02:30: %PIX-2-106017: Deny IP due to Land Attack from 203.101.10.67 to 203.101.10.67

2005-03-10 14:08:40 Local4.Critical 203.101.1.9 Mar 10 2005 14:02:34: %PIX-2-106017: Deny IP due to Land Attack from 203.101.10.67 to 203.101.10.67

2005-03-10 14:08:46 Local4.Info 203.101.1.9 Mar 10 2005 14:02:40: %PIX-6-302014: Teardown TCP connection 1256426 for outside:203.101.10.67/3308 to inside:192.168.10.67/60687 duration 0:00:10 bytes 0 TCP Reset-I

2005-03-10 14:08:46 Local4.Critical 203.101.1.9 Mar 10 2005 14:02:40: %PIX-2-106017: Deny IP due to Land Attack from 203.101.10.67 to 203.101.10.67

2005-03-10 14:08:51 Local4.Info 203.101.1.9 Mar 10 2005 14:02:45: %PIX-6-106015: Deny TCP (no connection) from 202.44.1.1/42954 to 203.101.10.67/3308 flags ACK on interface outside