Milk attack

• From: Steve Nash
• Date: Fri Oct 02 00:29:31 1998

Im curious if anyone knows of the "milk" attack.  Our network was just
slammed by such
an attack for about an hour all aimed at one of our core routers.  A "sh
ip cache x.x.x.x x.x.x.x fl"
on it showed this:

SrcIf    SrcIPaddress  DstIf  DstIPaddress    Pr SrcP DstP Pkts B/Pk
Active
Fa0/0    208.10.5.2      Local    X.X.X.X           11 0498 0017
164K1028  985.3

except from 10 to 15 hosts all nailing us at the same time.  The
protocol as you see is "11" which
I have been unable to find information about.  There was no way to
filter it and access-lists denying
protocol "11" showed 0 matches.  Anyone have any ideas?

--
      \\|//
     -(@ @)-
==oOO==(_)==OOo=========================================================
Steven Nash
[email protected]
l i g h t n i n g  i n t e r n e t  s e r v i c e s  l l c
Chief Backbone Engineer -- Network Engineering
http://www.lightning.net

• Follow-Ups:
  • Re: Milk attack =?iso-2022-kr?Q?Jongwon_Kim=28=D1=D1_=F1=A3=EA=AA=29?=
  • Re: Milk attack Craig A. Huegen

• Prev by Date: [DIE] Re: Is the .to (Tonga) domain completely rogue and should be removed?
• Next by Date: Re: Is the .to (Tonga) domain completely rogue and should be removed?
• Date Index
• Thread Index
• Author Index
• Historical