funsec mailing list archives
Re: DoS help
From: RandallM <randallm () fidmail com>
Date: Tue, 9 Nov 2010 06:48:36 -0600
------------------------------ Message: 11 Date: Tue, 09 Nov 2010 06:34:26 +0000 From: Thomas M Carlsson <thomas () carlsson fm> Subject: Re: [funsec] DoS help To: funsec () linuxbox org Message-ID: <4CD8EB72.8020702 () carlsson fm> Content-Type: text/plain; charset=ISO-8859-1 On 08/11/2010 23:05, RandallM wrote:Well...the Echo request hit again our IP block address using another IP (both from FR.), the first hits were morning, second wer about two hours of it in the afternoon (I've never experienced where it hit the whole damn thing X.X.X.255)I assume this e-mail was intended as a joke (this being funsec etc), but I'll bite just in case someone who actually has this problem runs into the thread on Google; Above scenario is indicative of a network being an intermediary in a UDP broadcast amplification attack, i.e. fraggle. See http://www.lmgtfy.com/?q=fraggle+attack Thomas/Beige -- Thomas Mannfred Carlsson mail () thomascarlsson com SMS: +35-850-07-07-850 PGP Key ID: 0x69570687 ------------------------------
Thomas, thanks for falling for the joke. After all that's what funsec is! And thank you for the input...Looks like SBC is not doing there job on the router end preventing such for me. I see that is prolly my first line of defence is to get them to do that and the other as Dan pointed out..go for Dynamic IP...we dont want this again. would DNSSec be useful here? -- been great, thanks RandyM a.k.a System _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- DoS help RandallM (Nov 08)
- Re: DoS help Dan White (Nov 08)
- Re: DoS help Thomas M Carlsson (Nov 08)
- Re: DoS help der Mouse (Nov 08)
- <Possible follow-ups>
- Re: DoS help RandallM (Nov 09)
- Re: DoS help RandallM (Nov 09)