- Community Home
- >
- Networking
- >
- IMC
- >
- IMC pinging with a spoofed source IP?
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2013 11:58 AM
11-11-2013 11:58 AM
IMC pinging with a spoofed source IP?
My installation of IMC v7 is sitting on my lab network, which is separated from my production wired and wireless networks by a firewall. I have found some odd behavior coming from IMC--it is sending a ping to an IP address on a wired, production segment with a source IP address that is not its own.
The IP address of the IMC server is 10.10.42.42. It is pinging through the fierewall to the WLAN controller (IP address 10.9.0.10). Oddly enough, the firewall (and Wireshark) are seeing IMC send the pings to 10.9.0.10 with the source IP address of 10.9.0.254. No such IP address exists on the 10.9.0.0/24 subnet.
Naturally, the firewall classifies this as an attack since it fits IP spoofing criteria. Has anyone else seen this behavior?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2013 12:31 PM
11-11-2013 12:31 PM
Re: IMC pinging with a spoofed source IP?
Find "Enable Forged Ping Packets", and set it to No. Click OK.
It's used to try and improve discovery accuracy by making devices update their ARP caches. Problem is that firewalls typically block the spoofed addresses.