Dear sir. I'm facing this packets continuously on my server. Can someone please explain me what these packets r and for what they r used? is this possibly a DDOS attack?? the sample tcpdump output is: 20:32:22.658735 200.213.38.137.1812 > XX.XX.XX.XX.1812: rad-#0 41 [id 0] Attr[ Term_action Term_action Term_action Term_ac tion Term_action Term_action Term_action Term_action Term_action Term_action Term_action second time tcpdump 20:39:57.168735 202.30.10.188.1812 > XX.XX.XX.XX.1812: rad-#0 41 [id 0] Attr[ Term_action This Line Term_action goes on till infinity (or may b till run out of buffers) Means these packets are coming from a different different Ip addresses ... I'm not running anything on 1812 port (neither udp or tcp) Does above packet mean another protocol than udp/tcp ?? can someone please explain me the above problem ... i'm getting worried about the traffic coming to my servers .... Thanking you, Mobby ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Oct 18 2002 - 17:12:15 PDT