Jun 6 01:00:31 deathstar-ether 1793: %SEC-6-IPACCESSLOGP: list 113 denied
udp 192.168.1.2(0) -> 207.30.16.10(0), 3 packets
Jun 6 11:09:02 deathstar-ether 1794: %SEC-6-IPACCESSLOGP: list 113 denied
udp 192.168.0.1(0) -> 205.229.54.144(0), 6 packets
Jun 6 11:15:02 deathstar-ether 1795: %SEC-6-IPACCESSLOGP: list 113 denied
udp 192.168.1.2(0) -> 205.245.11.10(0), 2 packets
Is anyone else seeing lots of denied packets with port 0 on the dst and
src? This looks like some sort of attack. The ones above were denied
based on ingress filering (192.168/16 address are invalid for this port),
but I've gotten reports from customers that they're seeing similar things
with valid addresses and can't see how their access-lists are denying the
packets unless it's just because the ports are invalid.
------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Spammers will be winnuked or
Network Administrator | drawn and quartered...whichever
Florida Digital Turnpike | is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
This archive was generated by hypermail 2b29 : Sun Aug 04 2002 - 04:13:14 EDT