设为首页收藏本站language 语言切换
开启辅助访问 切换到宽版

鸿鹄论坛

 找回密码
 论坛注册

QQ登录

先注册再绑定QQ

鸿鹄论坛»鸿鹄论坛 ≡□≡思科认证≡□≡ CCNP求助答疑 请教大神们个问题关于路由器分片是不是有攻击啊
返回列表 发新帖
查看: 1641|回复: 2
收起左侧

[求助] 请教大神们个问题关于路由器分片是不是有攻击啊

[复制链接]
hanxiang0423
发表于 2018-8-26 00:05:31 | 显示全部楼层 |阅读模式
10鸿鹄币
Aug 25 06:56:11.736: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:11.738: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:12.182: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:12.182: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:03.761: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:03.761: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:04.711: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:04.711: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 07:07:10.632: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 71.6.232.6
Aug 25 07:10:23.749: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.491: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.751: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.751: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 13:01:32.797: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 193.201.224.236
Aug 25 14:12:20.534: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 189.112.226.205
Aug 25 15:23:09.224: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 42.51.178.141
请大神们给看一下Aug 25 06:56:11.736: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:11.738: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:12.182: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:56:12.182: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:03.761: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:03.761: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:04.711: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 06:58:04.711: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 150.138.209.4 destined to 1.202.139.73
Aug 25 07:07:10.632: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 71.6.232.6
Aug 25 07:10:23.749: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.491: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.751: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 07:20:15.751: %IP_VFR-3-OVERLAP_FRAGMENTS: GigabitEthernet0/0: from the host 59.47.224.122 destined to 1.202.139.73
Aug 25 13:01:32.797: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 193.201.224.236
Aug 25 14:12:20.534: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 189.112.226.205
Aug 25 15:23:09.224: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 42.51.178.141
这个是不是有攻击啊~应该怎么解决啊!查了好多资料了都没找到真正的答案啊


最佳答案

网络小白成长

查看完整内容

要么暴力解决,直接把这些host过滤掉;要么就提升路由器接口的包重组能力,加强路由器的处理能力
回复

使用道具 举报

网络小白成长
发表于 2018-8-26 00:05:32 | 显示全部楼层
要么暴力解决,直接把这些host过滤掉;要么就提升路由器接口的包重组能力,加强路由器的处理能力
沙发 2018-8-26 00:05:32 回复 收起回复
回复

使用道具 举报

hanxiang0423
 楼主| 发表于 2018-8-27 13:29:05 | 显示全部楼层
我已经在接口上添加了ip virtual-reassembly in max-reassemblies 1024
                              ip virtual-reassembly out max-reassemblies 1024
但是还报这个。
板凳 2018-8-27 13:29:05 回复 收起回复
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 论坛注册

本版积分规则

QQ|Archiver|手机版|小黑屋|sitemap|鸿鹄论坛 ( 京ICP备14027439号 )  

GMT+8, 2025-2-11 18:48 , Processed in 0.066070 second(s), 23 queries , Redis On.  

  Powered by Discuz!

  © 2001-2025 HH010.COM

快速回复 返回顶部 返回列表