Security Incidents mailing list archives
Re: route oddness
From: marcs () ZNEP COM (Marc Slemko)
Date: Thu, 13 Apr 2000 15:13:49 -0600
On Wed, 12 Apr 2000, Mike wrote:
Been seeing some funny things in my routing table (HP-UX 10.20). Was hoping someone could give me some ideas about them. What bothers me is that they are all outside the US and seem to be from the same IP classes. Are these traces of an exploit or normal traffic? Any ideas would be helpful.
Nothing unusual there. Just how HPUX stores PMTU values discovered via path MTU discovery. See http://users.worldgate.ca/~marcs/mtu/ for a description of PMTU-D; it is focused on what can break PMTU-D, but it also describes what it is and how it works. HPUX simply stores a route with the MTU info and a certain expiry.
Current thread:
- route oddness Mike (Apr 12)
- Re: route oddness Marc Slemko (Apr 13)