Re: [swinog] fw change on bluewin adsl accounts today?

Schenkel Martin schrieb:

Well, the only good solution to this ugly attack is to do what Goetz suggested; As an ISP inbound filter the offending IP address. This is what we did several hours ago and all is fine since then.

BTW AS44066 which propagates the offending IP address claims spoofing.

Firewalls of all type of models have/had issues with this attack. On some you might be able to turn on a SYN flood attack feature which will then blacklist the IP locally on the firewall.

Not only firewalls, I think it affects also APC remote power switches.

F.