AWSTATS VERSION (no support for older versions than 3.0 and beta versions):
3.2 (build 84)
OS (Windows/Unix) + VERSION : Windows NT4
WEB SERVER NAME (IIS/Apache/...) + VERSION : IIS4
PERL INTERPRETER NAME + VERSION (if known) : ActiveState
If your site is online, give your awstats URL: http://www.tbri.com/stats/cgi-
Your problem description :
Would there be any reason we are getting "IP spoof detected" messages from
our firewall (SonicWall) when the awstats.pl script is run. The message is:
01/08/2002 05:07:12.768 -
IP spoof detected -
Source:184.108.40.206, 137, DMZ -
Destination:220.127.116.11, 137, WAN -
MAC address: 00.B0.D0.20.3A.9F -
We get these once per hour, which coincides with when the perl script is run on
the server. The "Destination" IP address will change on each message, but all
other "fields" will remain the same.
Note: our web server, which is behind a firewall, has three NIC cards,
the "Source" address above is one of them.
Log in to post a comment.