[afnog] BGP issues and strange traffic
Folarin Oluwafemi
folarin077 at gmail.com
Sun Feb 21 22:24:12 UTC 2016
Hello Group Members,
I recently did BGP peering with my upstream provider and everything was
fine until a few days
time when i observe strange traffic from the interface of my WAN.
What i saw using torch tool (network real-time monitor) on Mikrotik was
traffic hitting my WAN
interface from IP prefix from unknown locations hitting my router for DNS
service that i can't
explain..
I disabled my LAN Public IP block of 196.13.111.0/24 and observed keenly
the scenario and still
observed high traffic coming in.
Because of this act, i have not been able to enjoy good internet service
from my provider.
Any filtering mechanism that can be used or how this attack can be
mitigated.
Attached is the snapshot of what am refering to.
*ETHER 5 is the interface facing my ISP *
*ETHER 3 is my LAN interface 196.13.111.0/24
<http://196.13.111.0/24> disabled*
I need assistance from the group in helping out.
Regards.
--
I am what God says I am
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20160221/5ae9e262/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2016-02-20.png
Type: image/png
Size: 536520 bytes
Desc: not available
URL: <http://www.afnog.org/pipermail/afnog/attachments/20160221/5ae9e262/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2016-02-21 (1).png
Type: image/png
Size: 513907 bytes
Desc: not available
URL: <http://www.afnog.org/pipermail/afnog/attachments/20160221/5ae9e262/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 2016-02-21.png
Type: image/png
Size: 558236 bytes
Desc: not available
URL: <http://www.afnog.org/pipermail/afnog/attachments/20160221/5ae9e262/attachment-0005.png>
More information about the afnog
mailing list