Security Incidents mailing list archives
Re: PIX Question
From: Shawn Davenport <shawn.davenport () CURRENEX COM>
Date: Tue, 31 Oct 2000 15:23:25 -0800
It refers to the IP Options field of the IP header. The field is 40bytes max in length. 14 is listed as experimental access control on http://www.isi.edu/in-notes/iana/assignments/ip-parameters . For the most part options are very rarely used and I would be cautious of packets coming in using ANY options! In regards to the possibility of someone trying to mapping your network, I would say the chances are good. Some of the more interesting IP options such as lose and strict source routing can help provide a wealth of information regarding network topology. Hope that help! Shawn -----Original Message----- From: Miller, Dan [mailto:dmiller () MICROTHERAPEUTICS COM] Sent: Tuesday, October 31, 2000 11:05 AM To: INCIDENTS () SECURITYFOCUS COM Subject: PIX Question I am a 'newbie' to Security and have been a voyeur to this list-server for a while - plus the 'education' - so please be gentle... Recently the following message has been picked up at our PIX firewall: 106012:Deny IP from 0.0.0.0 to 161.58.250.155, IP options: "0x14" My question is what is an 'IP Option 0x14' ? Just from the outside IP address I assume this to be some kind of attempt to map or penetrate the network perimeter... Any other opinions? Thank you in advance. Daniel Miller IT Manager Micro Therapeutics, Inc. ******************************************************************* The information contained in this message or any of its attachments should be considered privileged and confidential unless explicitly indicated otherwise, and is intended for the exclusive use of the addressee. Any disclosure, reproduction, distribution or other dissemination or use of this communication is strictly prohibited unless explicitly indicated otherwise. If you received this message in error, please reply to the sender and destroy the communication immediately. *******************************************************************
Current thread:
- PIX Question Miller, Dan (Nov 01)
- Re: PIX Question Bill Pennington (Nov 02)
- <Possible follow-ups>
- Re: PIX Question Shawn Davenport (Nov 02)
- Re: PIX Question Laura Nuñez (Nov 05)