[Dshield] UDP/65535 and Tcpdump Help

Justin S jgs316 at gmail.com
Fri Oct 22 13:01:12 GMT 2004

If the source of the packets was from an address range that I had
customers that I did business with then I would not have just blocked
the entire range, I would have been more specific in my block of the
offending traffic.  However sense I don't do business with Russia, the
safest, quickest, easiest solution to stopping them was to block the
whole range.

On Thu, 21 Oct 2004 10:40:14 -0700, Darrel Lewis <darlewis at cisco.com> wrote:
> Of course, you have no idea if the really sent those packets...
> Do you?  Really?
> What if the source of those packets were set to the aol mega proxy addr.
> blocks?
> -D 

More information about the list mailing list