nanog mailing list archives
Re: Help with identifying a kind of attack.
From: "David O'Leary" <doleary () juniper net>
Date: Tue, 08 Dec 1998 10:39:24 -0500
maybe EGP?
:-/
dave
At 05:07 PM 12/8/98 -0500, Thom Youngblood wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've been tracking an attack all day long, and have been frustrated trying to figure out both what was being attacked, and how. Finally, I realized it was *not* ICMP, UDP, or TCP. #sh access-lists 151 Extended IP access list 151 permit icmp any 20.0.0.0 0.255.255.255 (1023 matches) permit udp any 20.0.0.0 0.255.255.255 (4347 matches) permit tcp any 20.0.0.0 0.255.255.255 (86444 matches) deny ip any 20.0.0.0 0.255.255.255 (5547308 matches) permit ip any any (4450563 matches) In the above, notice the disparity? So, my question is... What the hell kind of packet is it if it's not ICMP, UDP, or TCP? -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.0 for non-commercial use <http://www.pgp.com> iQA/AwUBNm2jB2fkezbzToVaEQIQQQCgllupf+cmax8w5n/RgYhlATz+BuQAn38r Di2Ec9bI2Prrahm9yKp5rohS =/qOm -----END PGP SIGNATURE-----
Current thread:
- Help with identifying a kind of attack. Thom Youngblood (Dec 08)
- Re: Help with identifying a kind of attack. Jon Green (Dec 08)
- Re: Help with identifying a kind of attack. Nikos Mouat (Dec 08)
- Re: Help with identifying a kind of attack. Ehud Gavron (Dec 08)
- Re: Help with identifying a kind of attack. Andy McConnell (Dec 08)
- Re: Help with identifying a kind of attack. David O'Leary (Dec 08)
- <Possible follow-ups>
- Re: Help with identifying a kind of attack. Adam D. McKenna (Dec 08)
- Re: Help with identifying a kind of attack. Henry Linneweh (Dec 08)
- Re: Help with identifying a kind of attack. Daniel Senie (Dec 09)