[c-nsp] Filtering TCP NULL packets
Gideon Le Grange
gideon at adept.co.za
Tue Jul 24 03:55:57 EDT 2007
On 23 Jul 2007, at 4:19 PM, Jim Devane wrote:
> Hello,
>
> I am seeing a large increase in TCP NULL packets over our
> network. I
> am looking for suggestions on effective ways to block this traffic.
> I have considered ACL'ing something like this:
>
> ip access-list extended test
> deny tcp any any match-all -ack -fin -psh -rst -syn -urg
> permit ip any any
>
> What other methods might be more effective?
What do you mean by null? Does the packet contain only TCP headers
and no payload?
G
More information about the cisco-nsp
mailing list