u32 filter udp lenght 0 to 29

Posted by Mark Ocok on Server Fault See other posts from Server Fault or by Mark Ocok
Published on 2012-11-21T06:20:05Z Indexed on 2012/11/21 11:05 UTC
Read the original article Hit count: 197

Filed under:
|
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21668 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21669 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21670 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21671 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8

It's Spoofing attack dos, how to block Spoofing UDP lenght 0 to 29 using u32 Flooder target udp length udp 0 to 29

© Server Fault or respective owner

Related posts about linux

Related posts about iptables