Have you checked IDS for all Interfaces? If you have only checked the
external interface, then you miss the attacks that origin from your
internal lan (infected PC?). Perhaps one of your own PCs sends messages
with 127.0.0.1 as source ip? Stefan
You are leaving our website
You are leaving our site and we cannot be held responsible for the content of external websites