[nsp] access-list log entry question

Rob Thomas robt@cymru.com
Fri, 6 Dec 2002 05:07:10 -0600 (CST)

Previous message: [nsp] access-list log entry question
Next message: [nsp] (no subject)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi, all.

] The 255 refers to the IP protocol ID, (tcp=6, udp=17, etc.)...  You

Indeed, and this is routinely used in DDoS attacks.  There are a few
DoS tools that will generate protocol 255 and 0 flows.

Thanks,
Rob.
-- 
Rob Thomas
http://www.cymru.com
ASSERT(coffee != empty);

Previous message: [nsp] access-list log entry question
Next message: [nsp] (no subject)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]