Full Disclosure mailing list archives

DDoS and the right way to react...

From: van Helsing <vh () helith net>
Date: Fri, 20 Aug 2004 23:58:18 +0200

I've a server and it's DDoSed for a week now.
I informed the ISPs but they don't react so what else can I do to stop a
damn DDoS attack?

My server shows me about some houndrets entry like:

tcp        0      0  62.8.206.154.80        129.125.220.178.2056  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2011    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        83.27.195.87.13242    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        129.125.220.178.2055  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2010    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        129.125.220.178.2054  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2008    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        129.125.220.178.2053  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2007    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        129.125.220.178.2052  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2006    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        129.125.220.178.2051  
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        83.27.195.87.13240    
FIN_WAIT_2
tcp        0      0  62.8.206.154.80        24.101.73.167.2005    
FIN_WAIT_2


So what can I do?
Or: Could somebody tell me how to contact the police in poland,
netherland and the other country?

Thanks for some tipps....


vh

Attachment: _bin
Description:

Current thread:

DDoS and the right way to react... van Helsing (Aug 20)
- Re: DDoS and the right way to react... Steffen Schumacher (Aug 22)