[j-nsp] DOS Attack
Florian Weimer
fweimer at bfk.de
Wed Aug 4 09:27:05 EDT 2010
* sherif mostafa:
> Could anyone help please as I've faced an error message "DOS" below
> that caused high CPU usage:
> ERROR 08/02/2010 16:22:46 CAI dosProtection: Flow is suspicious:
> GigabitEthernet11/0.410 for control protocol: IP TTL Expired source MAC
> 0018.742f.b380 with rate 241 pps
Have you checked that you haven't got a routing loop or something like
that? (And which platform is that, BTW?)
If this isn't the case, you need to figure out who's got the
0018.742f.b380 MAC address and ask them to stop sending those packets.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the juniper-nsp
mailing list