17 Nov
2011
17 Nov
'11
10:04 a.m.
Is it just me or has there been an increase in packets with IP options set hitting our front door? There are ways to mitigate e.g. IP options selective discard, and ACL IP options support. ACL entries on the edge appear to be the best way identify and log the source. IP options selective discard drops packets silently so from my view they are not as effective. Is anyone doing anything else to identify and mitigate? I have been seeing hits on our firewalls but would rather take care of it at our edge with little or no impact. Mike