[j-nsp] DOS Attack
sherif mostafa
sherifmka2004 at hotmail.com
Wed Aug 4 09:36:53 EDT 2010
Dear Florian,
This ERX, Administration of router interface 0018.742f.b380 belongs to me also, but should I filter all those packet types ??
> To: sherifmka2004 at hotmail.com
> CC: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] DOS Attack
> From: fweimer at bfk.de
> Date: Wed, 4 Aug 2010 13:27:05 +0000
>
> * sherif mostafa:
>
> > Could anyone help please as I've faced an error message "DOS" below
> > that caused high CPU usage:
>
> > ERROR 08/02/2010 16:22:46 CAI dosProtection: Flow is suspicious:
> > GigabitEthernet11/0.410 for control protocol: IP TTL Expired source MAC
> > 0018.742f.b380 with rate 241 pps
>
> Have you checked that you haven't got a routing loop or something like
> that? (And which platform is that, BTW?)
>
> If this isn't the case, you need to figure out who's got the
> 0018.742f.b380 MAC address and ask them to stop sending those packets.
>
> --
> Florian Weimer <fweimer at bfk.de>
> BFK edv-consulting GmbH http://www.bfk.de/
> Kriegsstraße 100 tel: +49-721-96201-1
> D-76133 Karlsruhe fax: +49-721-96201-99
More information about the juniper-nsp
mailing list