No announcement yet.

panda blocks intrusions,because fragmented packets

  • Filter
  • Time
  • Show
Clear All
new posts

  • panda blocks intrusions,because fragmented packets

    hi thereI!
    in my company we have some remote sites connected by VPN's ,each one of them have various subnets(generally three).i
    n local "A" where most servers are ,including the dc and mail servers. the subnet is x.x.3.0 and in local "B" it's x.x.7.xthe AV itīs on "A" and in "B" with database on "A".
    the clients on subnet x.x.7.0 are receiving panda's pop ups saying: "intrusion attempt blocked "type of atack:"Packets with inconsistent fragments"

    in the PANDA server logs, its reported...the source IP's are several servers in "A"-x.x.3.0 and the destination IP's are just the local "B" ones,and just IN the x.x.7.0 subnete .
    every minute,random computers receive it in random doors!

    could it be an MTU issue?
    pinging with -f -l The max it gets is 1407, more then this,it starts to exceed time until 1473, whent it starts to say that the packets need to pe fragmented!
    to the net na max is 1464.

    it started just yesterday, we have mails,VPN's, AD...nothing is missing I suppose.Could you help me?


    w2k3 R2 ISA2007 cisco routers w/adsl RDIS
    Last edited by CHN; 30th January 2009, 18:03.