[nsp-sec] UDP based DDoS attack against 80.65.160.10 (AS21196)
Chris Morrow
morrowc at ops-netman.net
Fri Mar 7 15:12:23 EST 2008
On Fri, 7 Mar 2008, Smith, Donald wrote:
> ----------- nsp-security Confidential --------
>
> Nic if they can they should block udp 0 <-> udp 0 somewhere upstream.
> That accounts for a very large portion of this attack and is invalid:)
udp 0/0 == frags of udp (sometimes, like nfs servers I've seen do this)
though, it's also probably attack traffic in some cases.
More information about the nsp-security
mailing list