Re: New Denial of Service Attack on Panix

["Perry E. Metzger" <perry () piermont com>]

Paul A Vixie writes:
> looks like the cisco access-list debugger doesn't show enough detail.
> as soon as the path to the attacker crosses a MAE, you need to know the
> source MAC level address of the router that's splattering you.

The ability to record a couple of minutes of packets, complete with
MAC layer data, and examine the packets post mortem, is really
important for this kind of work. tcpdump lets you do that and
more. Cisco stuff isn't really in that league, though as I said its
better than nothing.

Perry

- - - - - - - - - - - - - - - - -