Date: Fri, 16 Jan 1998 08:58:12 +0000 From: Karl Pielorz <kpielorz@tdx.co.uk> To: Stephen Comoletti <rugose@delanet.com> Cc: questions@FreeBSD.ORG Subject: Re: DoS Message-ID: <34BF2124.A357660F@tdx.co.uk> References: <199801160336.WAA18362@www.delanet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi Stephen, Where is the attack coming from? The Cisco can be configured to be pretty secure - this includes dropping any packets that have been obviously 'faked' as being from themselves etc. (and dropping packets with source routing tricks etc.) How much do you know about the Cisco's? and the IOS they run? - if you need / want further help email me... Regards, Karl Stephen Comoletti wrote: > > I have a situation I need a little advice on. I'm not sure if it belongs > here, however it does affect users of FreeBSD as well from what little I do > know. > > Ok..here is the setup. ISP with 2 cisco routers, both communicate between > eachother on a regular basis. They use radius for authentication. The isp > is under attack by a modified smurf. It has all the symptoms of a smurf but > it's comming in via udp and not icmp. to complicate it, the attacker is > spoofing the ip of each router and hitting them at the same time, changing > the port each time the isp kills input from one. > > Is there any way to defend/track down/stop an attack of this type? > > Steve
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34BF2124.A357660F>