[c-nsp] OSPF4-BAD-LENGTH

Luan M Nguyen luan at t3technology.com
Thu Jul 3 07:52:18 EDT 2008


They are trying this maybe?
http://www.cisco.com/en/US/partner/products/products_security_advisory09186a
008029e189.shtml

-Luan

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Eric Van Tol
Sent: Thursday, July 03, 2008 7:45 AM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] OSPF4-BAD-LENGTH

Hi all,
This isn't a question of what, but how :-)  We received this log on one of
our 6509s last night:

Jul  3 06:04:40 EDT: %OSPF-4-BADLENGTH: Invalid length 34778 in OSPF packet
type 39 from 218.106.119.133 (ID 244.193.1.14), GigabitEthernet1/5

This address has no direct connectivity with our network, as it appears to
be from a Chinese network.  My question is how does an OSPF packet get
through the general internet?  Or could this be more than likely just some
sort of vulnerability scanner that is spoofing various protocols?

-evt
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list