View Single Post
Old 4th July 2014
EverydayDiesel EverydayDiesel is offline
Shell Scout
 
Join Date: Jan 2009
Posts: 123
Default

i dont know if it helps at all but i did notice this in the tcpdump output last night.

Code:
rule2/(match) block in on xl1: 192.168.0.1.500 > 192.255.255.255.500: RIPv2-resp[items 1] : {192.168.1.0/255.255.255.9}(1)
Since 192.168.1.0 doesnt exist on my network I am guessing that this is his network. Even though this is a blocked rule, is there any indication here that would show how to block attacks like this?
Reply With Quote