[146608] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

IP Options

daemon@ATHENA.MIT.EDU (harbor235)
Thu Nov 17 10:05:48 2011

Date: Thu, 17 Nov 2011 10:04:36 -0500
From: harbor235 <harbor235@gmail.com>
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Is it just me or has there been an increase in packets with IP options set
hitting
our front door? There are ways to mitigate e.g. IP options selective
discard, and ACL
IP options support. ACL entries on the edge appear to be the best
way identify and log the source.
IP options selective discard drops packets silently so from my view they
are not as effective.

Is anyone doing anything else to identify and mitigate?  I have been seeing
hits on our firewalls
but would rather take care of it at our edge with little or no impact.

Mike


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[146608] in North American Network Operators' Group

IP Options

daemon@ATHENA.MIT.EDU (harbor235)Thu Nov 17 10:05:48 2011

daemon@ATHENA.MIT.EDU (harbor235)
Thu Nov 17 10:05:48 2011