13 May
2004
13 May
'04
8:16 a.m.
On 13-mei-04, at 13:31, Mark Johnson wrote:
I think what I'm trying to ask is:
1. Does anyone know if the exploit is actually being used? and 2. I assume there is no way to identify an exploit reset from the usual resets caused by routers hanging, ports failing, DDoS's, etc. However, I thought I'd ask...
This is from a couple of weeks, give or take, on an interface with 100 or so peers: deny tcp any any eq bgp rst log-input (3714 matches) If this is an attack I wish they were all like this. :-)