[150910] in North American Network Operators' Group

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Increase of DOS attacks using TCP src and/or dst of 0

daemon@ATHENA.MIT.EDU (Christopher Morrow)
Wed Mar 7 16:30:43 2012

In-Reply-To: <483E6B0272B0284BA86D7596C40D29F901928959AA9D@PUR-EXCH07.ox.com>
Date: Wed, 7 Mar 2012 16:29:46 -0500
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Matthew Huff <mhuff@ox.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Wed, Mar 7, 2012 at 3:45 PM, Matthew Huff <mhuff@ox.com> wrote:
> Anyone else see a massive increase of scanning/dos with TCP source and/or
> dst port of 0? We started seeing a massive increase today creating some
> issue with our firewalls.

srs/dst of 0 as measured how? (tcpdump? netflow? app logs?)

home	help	back	first	fref	pref	prev	next	nref	lref	last	post