Thread: attack info :illegal resource record format
View Single Post
  #4 (permalink)  
Old 2006-06-21
djbones djbones is offline
Junior Member
  
Join Date: 2006-06-21
Posts: 1
Rep Power: 0
djbones has an average reputation (10+)
Default Re: attack info :illegal resource record format
I am having this same issue. The traffic is between two of my own DNS servers (Windows domain controllers). The one making the request is behind a VPN-1 Edge X, and there is a tunnel to our FW-1. The packets are dropped by FW-1.

Number: 51453
Date: 21Jun2006
Time: 8:17:49
Product: SmartDefense
VPN-1 & FireWall-1
Interface: eth2c0
Origin: Xxxxxx (172.16.0.4)
Type: Log
Action: Drop
Service: domain-udp (53)
Source: vpnTest2 (10.1.2.30)
Destination: xxxxxxx.xxxx.corp (172.16.0.3)
Protocol: udp
Rule: 10
Source Port: 1597
Attack Name: Invalid DNS
Information: Attack Info: Illegal Resource Record format
Reply With Quote