Land attack problem

Hello,
I have this problem:
Deny IP due to Land Attack from 208.109.243.225 to 208.109.243.225
When I try to execute with nodejs this script:
var http = require("http");
var cronJob = require("cron").CronJob;
var request = require("request");
var mysql = require("mysql");
request.get("http://www.asteveloci.com", function(error, response, body) {
 console.log(error);
 console.log(response);
 console.log(body);
If i do the script with the website "www.facebook.com" for example, all works properly.
here's some screenshot:
http://attualitynews.it/2014-06-03_225703.png
http://attualitynews.it/2014-06-03_225733.png
Please help..

Please see http://customer.xfinity.com/help-and-support/internet/power-cycling-your-modem. Also, try plugging a corded phone directly into the modem or gateway. If that works, the problem is in your home phones or wiring. If it doesn't, something's wrong with your Comcast service.
If you can't get it working contact them at the phone number on your bill or 1-800-Comcast, or chat with them at https://www.comcastsupport.com/chatentry/. If they can't fix the problem remotely insist that they send a tech out to identify the cause and correct it.
If the tech finds bad coax, splitters, amplifiers, or connections in your home (even if Comcast originally supplied them) you'll probably have to pay for the visit unless you have their Service Protection Plan (http://www.xfinity.com/spp/, about $5/mo). If the trouble is due to a faulty Comcast phone modem or anything outside your home, you shouldn't be charged.
Comcast does not usually respond to problems with phone service here in the forums.

Similar Messages

  • Pix how to NOT block the LAND ATTACK

    Hi to All,
    how can I configure a pix Version 8.0(4) to NOT block the LAND ATTACK ?
    pix# sh log | i 17.12.18.24
    Oct 07 2010 15:47:31: %PIX-2-106017: Deny IP due to Land Attack from 17.12.18.24 to 17.12.18.24
    Oct 07 2010 15:47:31: %PIX-6-302014: Teardown TCP connection 1264706965 for outside:17.12.18.24/80 to inside:10.12.40.114/59790 duration 0:00:00 bytes 0 looping-address
    I've already disable the signature 1102
    http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=1102&signatureSubId=0&softwareVersion=6.0&releaseVersion=S473
    pix# sh run | i audit
    ip audit signature 1102 disable
    pix#
    but the drop continue ....
    pix# sh log | i 17.12.18.24
    Oct 07 2010 15:50:22: %PIX-2-106017: Deny IP due to Land Attack from 17.12.18.24 to 17.12.18.24
    Oct 07 2010 15:50:22: %PIX-6-302014: Teardown TCP connection 1264706965 for outside:17.12.18.24/80 to inside:10.12.40.114/59891 duration 0:00:00 bytes 0 looping-address
    Thanks
    Roberto Taccon

    Roberto,
    Can you please attach a show tech and sniffer trace of this traffic? Is it only this one host reporting problem (source or destination).
    Those can be cuased by misconfig ... or bugs ...
    http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsd99542
    Marcin

  • Lightweight APs drop out after Land Attack

    Hi
    We have a WLAN consisting of a WLC 4402 and 11 lightweight APs. For security/compliance reasons we have a Cisco PIX firewall that sits between the WLC (outside) and the APs (inside). The APs are allowed to form LWAPP tunnels through the firewall (inside access-list) to the WLC and the WLAN works as expected.
    The firewall then limits traffic from the WLAN (outside access list) to certain the internal systems.
    I have noticed that every so often the firewall logs show continuous "Land attack from 0.0.0.0 0.0.0.0" messages then all APs are disconnected (all lights flash).
    Just wondering if anybody else has seen this or has had a similar setup
    TIA
    Gary

    Hi Sandeep
    Forgeot to mention that the firewall is in transparent mode so there isn't any NATing or routing going on. The article doesn't cover the fact that the IP source and destination IP addresses are 0.0.0.0
    Regards
    Gary

  • Cisco pix 525 land attack

    Goodmorning,
    I have a message on my pix 525 someone is spoofing on a server from my dmz. How can i prevent spoofing attacks? It goes something like that : Deny IP due to Land Attack from 10.10.8.1 to 10.10.8.1

    The thing is that i have exhaustion of resources. How can i stop that?

  • Allow Land attack

    Hi,
    I have a Cisco ASA 5510 and couple of webservers behind it. For some specific applications, those webservers call the website hosted on the same box.
    The appliance sees that as a Land Attack and gives the following error:
    Deny IP due to Land Attack from a.b.c.d to a.b.c.d
    Is there any way I can disable this? I tried disabling Anti-spoofing in ASDM but no luck.
    Your inputs greatly appreciated.
    Thx in advance.
    -Janakan

    Hi,
    Thanks for the reply. Well, yea I'm receiving Land Attack because the application I run on my webserver calls it's own URL.(There is a work around by changing the URL with localhost or giving private IP). However, it would take sometime to make the code change. So, for timebeing I'd like to disable land attack and would liek to allow the traffic from a packet whose source/destination IP and port numbers are same.
    -Janakan

  • LAND Attack

    Hi Folks,
    I try to launch a LAND Attack against my firewall ASA 5520. Everything will work fine. But why, I think it shoud not work.
    I use a little tool where I can user a spoofed address, with a cluster shell and attack the firewall interface with the source of 127.0.0.1 ore the ip address of the interface as the source and destination. Then I get a cpu load of 89% with only two host. With IP tables I can use kernel processes to prevent this. But I don´t find anything for ASA

    Hi Bro
    LAND ATTACK is old news. I’m not surprise if your Cisco ASA is able to handle LAND ATTACKS well, which is a good news. The Cisco ASA receives a packet with the IP source address 127.0.0.1.
    There’s a another case on this, for your kind reference https://supportforums.cisco.com/thread/226294

  • Land Attack Alerts- ASA 5510

    Hello,
    We are getting below logs in our Syslog, pls suggest how could i stop this.
    "%ASA-2-106017: Deny IP due to Land Attack from 161.233.167.65 to 161.233.167.65 "

    Probably due to a configuration issue rather than network attacks, see e.g.
    https://supportforums.cisco.com/docs/DOC-14318
    for some suggestions about what to investigate.
    -- Jim Leinweber, WI State Lab of Hygiene

  • Deny IP due to Land Attack from publicip to publicip

    I have a web app that plays mp3's from one account on the server (website) on another account on the server, when this is attempted, I get
    Deny IP due to Land Attack from {publicip} to {publicip}
    I know and understand the error, I found it on the support pages, I understand that its becuase the source and destination are the same, but can anyone tell me how to allow this particular thing? Is this just a access rule? how do you set that up?

    Any Suggestions?
    Here is what I'm trying to do.
    I have an mp3 player that looks in a specific directory for files, it then plays those files and the playlist, it autodiscovers what is in the folder.
    There are four websites on this server, one of them is the main, and the other three have the players, the person that uploads the mp3's doesn't want to upload them four times, so they upload them to one website, then the other three websites use a php file to read the folder from the other accounts.
    Right now the player works, and the playlist shows up, but the mp3's do not play.
    The firewall gives me the land attack in the syslog, but I'm not exactly sure how to allow this to happen. I do have openbas_dir open on these accounts in the server, so I'm not sure why it wouldn't work after the firewall was installed.
    Just looking for options, if you have any.

  • Landed cost problem

    Sir it is ok that by t-code MIRO we can mention freight details but how to get LANDED cost .
                                               I am on-line .

    Hai,
    Create one condition type for Landed cost - freight and assigned to your pricing procedure.So that it will flow.

  • CSS DoS illegal Src Attack

    Hi,
    On my CSS 11506, logs are full of these kind of error messages:
    "NETMAN-5: Enterprise:DOS Attack:Illegal Src -> 5 times". It also generates a trap every seconds, flooding our syslogd and trapd server.
    The first information one would obviously require is which IP address, and on which interface, is causing this error message.
    I had a look at the "sh dos" command and I can see the counter for "Illegal Src Attacks" increasing (quite logical), BUT then in the detailed events, I can't see any of these events, I only see few SYN Attacks detailed events.
    So does anyone know where I can get the details for these "Illegal Src Attacks" events ?
    Many Thanks for any help,
    Regards,
    Arno

    Hi to all,
    i desperate need your help.
    I got a very similar problem with CSS.
    Same DoS attack. (many Syn Attack visible in the "show dos" detailed command and many Src Attack but only in the counters)
    The strange thing is that the ip address involved are unicast ip (not multicast).
    I've not understand many things.
    The first is , what's the reason why CSS see that 10.6.27.133 is an Illegal Src??? (It's in this case the .133 is the ip address of interface 6/9 of CSS)
    OS Attack Event  1:
    First Attack: 31/08/2010 22:52:24
    Last Attack:  31/08/2010 22:52:34
    Source Address:             10.6.27.133 Destination Address:         10.6.84.69
    Event Type:                 Illegal Src Total Attacks:                        3
    Someone can help me to understand?
    Below is the "show dos" with one event as an example
    Total Attacks: 33170637
    SYN Attacks:                 14,843,912 Maximum per second:                 284
    LAND Attacks:                         0 Maximum per second:                   0
    Zero Port Attacks:                    0 Maximum per second:                   0
    Illegal Src Attacks:         18,325,982 Maximum per second:                 224
    Illegal Dst Attacks:                743 Maximum per second:                   4
    Smurf Attacks:                        0 Maximum per second:                   0
    DOS Attack Event 12:
    First Attack: 31/08/2010 22:18:34
    Last Attack:  31/08/2010 22:31:26
    Source Address:             10.6.67.167 Destination Address:     113.213.43.145
    Where do you suggest to investigate??
    Many thanks,
    M.G.

  • Tow ASA-5520 problem

    Hi all team :
    I have two ASA connected together one with IPS module and the another with AntiX module, the inside interface of the first one is connected to the outside of second one
    The first one have default route to the ISP “internet” and the second have default route to the first one , I don't do static in the first one coz all IP are public and I run ver 7.2 on both ASA so all my ASA will work like a router , well my problem is the second ASA can not get access to the internet , when I open the logging in the first ASA I can see that the first ASA deny the second ASA by saying :
    “%ASA-2-106017: Deny IP due to Land Attack from xx.xx.xx.66 to xx.xx.xx.66”
    When I remove the second one and but my lap top with the same IP address I can connect to the internet but when I but the second ASA I can not, so I know there is a special configuration when you connect two ASA to work together.
    So can any one help please?

    Hi Emad,
    I recommend using "packet-tracer" to trace a packet going through the ASA-AntiX, This will help by tracing what happens to the packet when it goes though the ASA.
    I agree that without IP addresses this is hard to troubleshoot. Using "packet-tracer" may help you see the problem from your end. Details on this command may be found using command lookup tool. http://tools.cisco.com/Support/CLILookup/cltSearchAction.do?Application_ID=CLT&IndexId=IOS&IndexOptionId=123&SearchPhrase=%22*%22&Paging=25&ActionType=getCommandList&Bookmark=True
    The example given in the command reference is hostname# packet-tracer input inside tcp 10.2.25.3 www 209.165.202.158 aol detailed
    You will need to use something similar but replace IPs and specify the type of traffic you are experiencing problems with.
    Let me know how you get on.

  • Video chat problems - please help!!!!!

    Please help, I am trying to video chat with my father on a PC, and brother on a macbook
    I cannot video chat with either of them, I have an comm error -8 come back every time i initiate a video session with either my brother or my father. However my father (using a PC and AIM 6.5) can have successful video chat with both my brother and I.
    I have made the suggested alterations to both QT and iChat preferences, I have switched off both the router and mac firewalls, but still no joy.
    I am using a intel iMac OSX 10.4.11, with ichat 3.1.9 and a belkin router, any help would be appreciated, Thanks in advance

    If you have two computers on your LAN that you want to use the same ports for then you have to use a method that allows multiple computers.
    UPnP is one method and easiest to set up as it is usually an On/Off setting
    Port Triggering is another and needs you to know which ports iChat uses first and where it uses next to get it set up.
    UPnP also tends to get around any NAT issues
    Having said that the Link I sent you to earlier does not show UPnP or Port Triggering in the menu.
    User Manual
    http://www.belkin.com/uk/support/article/?lid=enu&pid=F5D7633uk4A&aid=6117&scid= 0
    Which Says it does have UPnP and an SPI firewall
    *Universal Plug-and-Play (UPnP) Compatibility*
    UPnP (Universal Plug-and-Play) is a technology that offers seamless
    operation of voice messaging, video messaging, games, and other
    applications that are UPnP-compliant.
    *SPI Firewall*
    Your Router is equipped with a firewall that will protect your network
    from a wide array of common hacker attacks including IP Spoofing,
    Land Attack, Ping of Death (PoD), Denial of Service (DoS), IP with zero
    length, Smurf Attack, TCP Null Scan, SYN flood, UDP flooding, Tear
    Drop Attack, ICMP defect, RIP defect, and fragment flooding.
    This last is the most likely cause of blocks as iChat data can be seen as an Attack by this sort of "firewall" It appears on page 56 of the manual.
    UPnP is on page 67
    10:10 PM Sunday; January 13, 2008

  • Need solutions for Budget, Landed cost and difference in 2005b and 2007B

    Hi all,
    Need help for the following scenarios
    1. How to define budget for Purchase order and cost centers
    2. Landed Cost in SAP B1 2007 how do we do? I am getting an error message stating that Landed cost allocation account is not defined....
    3. Difference in 2005B and 2007B
    Regards
    Shashi

    Thankyou Jasper,
    Landed cost problem has been solved.
    Regarding Budget set up My client need Budget at costcenter level. i.e Cost center wise they want the budget. As of my knowledge to do this we need to activate Account segmentation right?
    Without doing that is there any other way where we can set Budget cost center level also?
    one more thing, there is a check box of purchase order, Goods Receipt and Accounting at the time of setting up Budget in General setting? what it is for?
    Regariding difference in 2005b and 2007B I was not able to get documentation on this.
    Regards
    Shashi

  • KERNAL panic attacks, what causes?

    4 Panic attacks, problems with Mac OS X Kernal, in last week, any idea what causes this and how to fix?

    Learn to use Google:
    https://encrypted.google.com/search?q=%22os+x%22+%22kernel+panic%22&as_qdr=all&n ewwindow=1&num=100

  • TCP attacks

    Hi I am trying to troubleshoot a TCP attacks problem. Here is the following message: %TCP-2-TCP_MAXESTABLISHED:Possible TCP ACK attack. Maximum established connection limit 64 reached. Will drop unused connection.
    I know in LINUX there is a command to find out where open connections are coming from, I was wondering if there is a similar command for Cisco IOS? Thanks for the help.

    You may want to turn on NAT debug mode:
    ciscorouter> enable
    Password: ********
    ciscorouter#term mon
    ciscorouter#debug ip nat detailed
    IP NAT detailed debugging is on
    ciscorouter#
    03:29:49: NAT: creating portlist proto 6 globaladdr 97.158.253.26
    03:29:49: NAT: Allocated Port for 192.168.1.100 -> 97.158.253.26: wanted 80 got 80
    03:29:49: NAT: o: tcp (198.133.219.1, 5698) -> (97.158.253.26, 80) [0]
    Regards,
    Junhan

Maybe you are looking for

  • Configuring Web Services in 10.9 Help

    Hi All, I cannot find any comprehensive documentation on the subject (short of a retelling of the server.app Help Files) but I'm just trying to set up a web server in 10.9. I have the server app installed. I'm using a separate DNS Server (that will a

  • Query not able to Retrieve Summary Level Member

    Dear all, I have created a Planning application on BPC Netweaver 10.0. I am trying to retrieve the Planning Data via BEx Query in Dashboard. My Account dimension is hierarchical and I want the dashboard users to be able to select summary account when

  • Make jsp page read only

    dera frds, im working on a site,i make a web page based on jsp,that page has a download file,i want the authorized user can download that file,other can see that file as read only mode,but can't download,so plz provode me some program to make jsp pag

  • I lost my ipod5 receipt how can i recover it?

    I deleted my e-receipt e-mail. I bought an iPod 5 from Apple online.. it broke..want to get it fixed as still under warranty. How do i contact apple to do this?

  • Conecting iPod to an iMac G5

    Well i have now an iPod mini and im ordering this week an iPod video.. i have a Q's.. 1) How to make my PC to recognize the new iPod. 2) how to add all my iTunes files to the iPod. 3) How to make my PC not recognize the iPod mini. 4) Would I be able