[Dshield] UDP/65535 and Tcpdump Help
jgs316 at gmail.com
Fri Oct 22 13:01:12 GMT 2004
If the source of the packets was from an address range that I had
customers that I did business with then I would not have just blocked
the entire range, I would have been more specific in my block of the
offending traffic. However sense I don't do business with Russia, the
safest, quickest, easiest solution to stopping them was to block the
On Thu, 21 Oct 2004 10:40:14 -0700, Darrel Lewis <darlewis at cisco.com> wrote:
> Of course, you have no idea if the 188.8.131.52 really sent those packets...
> Do you? Really?
> What if the source of those packets were set to the aol mega proxy addr.
More information about the list