Your ISP must not have any anti-spoof access lists in place. Normally, a packet with a source address the same as the destination shouldn't be allowed in from a remote source. Unless I'm not understanding something, anti-spoofing at the ISP should stop all Land Attack problems. On Wed, 27 Jun 2001, Adam Richardson wrote: > I got the following reply regarding Land Attack which might well be it. > > Info is at > > http://www.wired.com/news/technology/0,1282,8707,00.html > http://support.microsoft.com/support/kb/ARTICLES/Q165/0/05.asp > > >Envelope-to: adamrichardson@eircom.net > >From: "Rob Tashjian" <rwt@netopia.com> > >To: "Adam Richardson" <adamrichardson@eircom.net> > >Subject: Re: Strange hack attempt on port 25 from my own ip address > >Date: Wed, 27 Jun 2001 09:26:31 -0700 > >X-Priority: 3 > > > >Adam, > > > >Look up 'Land Attack'. You send a packet to a host with the source > >and destination addresses set to that host's address, and the source and > >destination port set to the same port. The host then dies a horrible death > >trying to reply to itself. > > > >rwt > >--- > >Robert Tashjian > >rwt@netopia.com > > > > _______________________________________________ > Firewalls mailing list > Firewalls@lists.gnac.net > http://lists.gnac.net/mailman/listinfo/firewalls > _______________________________________________ Firewalls mailing list Firewalls@lists.gnac.net http://lists.gnac.net/mailman/listinfo/firewalls