Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations biv343 on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Synflood? 1

Status
Not open for further replies.
humour

humour

Programmer
Nov 24, 2003
87

I am deploying Mcafee firewall on my desktops. EPO constantly reports a Synflood attack from my server against one particular 98 client?

Anyone have an idea as to what this might be? A false positive perhaps?

What would my next step be to diagnose or solve the problem? There is no identified cuplrit - no worm, trojan or virus is mentioned?
 
Sort by date Sort by votes
A synflood is basically another computer trying to flood a machine with TCP/IP packets to create a DOS. The problem with desktop firewall is that it doesnt provide packet level detail on intrusions. It will be great when Mcafee lets us create our own Desktop Firewall signatures.
 
Upvote 0 Downvote

Addus5 said>"It will be great when Mcafee lets us create our own Desktop Firewall signatures."

Is this a planned feature?

Is there a different tool I could get to do a packet level inspection? IF the attack is coming from my server does that mean there is a worm at work? I have the latest dat's and everything is coming up clean.

Thx again for the 1st reply.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

thedaver
  • Locked
  • Question
Spammer/SYNFLood help needed
Replies
4
Views
51
Dalong
Dalong
wallace
  • Locked
  • Question
SYNfloods and PIX
Replies
4
Views
76
berford
berford

Part and Inventory Search

Sponsor

Back
Top