I would get these for time to time. I do not know what IP Option 0x14 is
specifically, but I seem to recall tracing it back to some load-balancer
devices.
If anyone knows what it means for sure I would be interested in a definitive
answer.
----- Original Message -----
From: "Miller, Dan" <dmiller_at_MICROTHERAPEUTICS.COM>
To: <INCIDENTS_at_SECURITYFOCUS.COM>
Sent: Tuesday, October 31, 2000 11:04 AM
Subject: PIX Question
> I am a 'newbie' to Security and have been a voyeur to this list-server
> for a while - plus the 'education' - so please be gentle...
>
> Recently the following message has been picked up at our PIX firewall:
>
> 106012:Deny IP from 0.0.0.0 to 161.58.250.155, IP options: "0x14"
>
> My question is what is an 'IP Option 0x14' ?
>
> Just from the outside IP address I assume this to be some kind of
> attempt to map or penetrate the network perimeter...
> Any other opinions?
>
> Thank you in advance.
> Daniel Miller
> IT Manager
> Micro Therapeutics, Inc.
>
>
> *******************************************************************
> The information contained in this message or any of its attachments
> should be considered privileged and confidential unless explicitly
> indicated otherwise, and is intended for the exclusive use of the
> addressee. Any disclosure, reproduction, distribution or other
> dissemination or use of this communication is strictly prohibited
> unless explicitly indicated otherwise.
>
> If you received this message in error, please reply to the sender
> and destroy the communication immediately.
> *******************************************************************
Received on Nov 02 2000
Intro
