BGP Exploit

• Previous message (by thread): BGP Exploit
• Next message (by thread): FW: Worms versus Bots
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 13-mei-04, at 13:31, Mark Johnson wrote:

> I think what I'm trying to ask is:

> 1. Does anyone know if the exploit is actually being used? and
> 2. I assume there is no way to identify an exploit reset from the usual
> resets caused by routers hanging, ports failing, DDoS's, etc. However, 
> I
> thought I'd ask...

This is from a couple of weeks, give or take, on an interface with 100 
or so peers:

     deny tcp any any eq bgp rst log-input (3714 matches)

If this is an attack I wish they were all like this.  :-)

• Previous message (by thread): BGP Exploit
• Next message (by thread): FW: Worms versus Bots
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]