[j-nsp] DOS Attack
Stefan Fouant
sfouant at shortestpathfirst.net
Wed Aug 4 11:27:43 EDT 2010
> -----Original Message-----
> From: juniper-nsp-bounces at puck.nether.net [mailto:juniper-nsp-
> bounces at puck.nether.net] On Behalf Of sherif mostafa
> Sent: Wednesday, August 04, 2010 9:37 AM
> To: fweimer at bfk.de
> Cc: juniper-nsp at puck.nether.net
> Subject: Re: [j-nsp] DOS Attack
>
> Dear Florian,
>
> This ERX, Administration of router interface 0018.742f.b380 belongs to
> me also, but should I filter all those packet types ??
Sounds like you have a routing loop, perhaps default routes on two neighbors
pointing at each other? This is what I would suspect when I'm seeing TTL
expirations. In any event, this error message is just telling you that is
suspects that there is a problem, however are you actually observing poor
performance or is it causing some type of outage or other issue? 241 pps
really isn't that much - it's not what I would consider to be a normal
flooding type of attack...
Stefan Fouant, CISSP, JNCIEx2
www.shortestpathfirst.net
GPG Key ID: 0xB5E3803D
More information about the juniper-nsp
mailing list