North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: Network Probes
- From: Paul Ferguson
- Date: Thu Mar 09 18:20:53 2000
At 05:53 PM 03/09/2000 -0500, Scott McGrath wrote:
>I cannot find anything in the literature about this attack method, As a
>WILD guess
>it is a mutation of one of the DDOS tools with new ports. but this
>underscores the importance of martian filters on border routers and also
>filtering outbounds
>so that spoofed addresses cannot leave your border routers. Cisco also has
>an
>obscure command to verify the path but it drops the router into process
>switch mode
>as I recall, If I am wrong please correct
You're wrong. :-)
I think you're talking about "ip verify unicast reverse-path",
or what we also call Unicast RPF, which requires CEF switching
(which is definately _not_ process level switching).
- paul
|
