The security administrator at ABC company received the following log information from an external
party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is
the reason the ABC company’s security administrator is unable to determine the origin of the
attack?
A.
A NIDS was used in place of a NIPS.
B.
The log is not in UTC.
C.
The external party uses a firewall.
D.
ABC company uses PAT.
Explanation:
10.0.0.0/8 IP addresses are reserved for private network. Why it shows on this log as public address? Is it wrong?
0
0