[Dshield] UDP/65535 and Tcpdump Help

Justin S jgs316 at gmail.com
Fri Oct 22 13:01:12 GMT 2004


If the source of the packets was from an address range that I had
customers that I did business with then I would not have just blocked
the entire range, I would have been more specific in my block of the
offending traffic.  However sense I don't do business with Russia, the
safest, quickest, easiest solution to stopping them was to block the
whole range.


On Thu, 21 Oct 2004 10:40:14 -0700, Darrel Lewis <darlewis at cisco.com> wrote:
> Of course, you have no idea if the 83.102.166.0 really sent those packets...
> Do you?  Really?
> 
> What if the source of those packets were set to the aol mega proxy addr.
> blocks?
> 
> -D 
>



More information about the list mailing list