Security Incidents mailing list archives
Re: flood
From: Matt Merhar <grid_goolah () HOTMAIL COM>
Date: Tue, 25 Jul 2000 23:05:27 EDT
The attack is probably spoofed, as I doubt www.he.net (what the ip of pluto.he.net also has pointed to it), a LARGE webhosting company (multiple oc-3's) has been compromised, and if they have been, they would've noticed the abnormal ICMP traffic originating from one of their hosts by now.
From: Petar Computers RooT <root () NS PETAR RO> Reply-To: Petar Computers RooT <root () NS PETAR RO> To: INCIDENTS () SECURITYFOCUS COM Subject: flood Date: Tue, 25 Jul 2000 12:35:44 +0300 Hi I am network administrator at a local ISP (Petar Software) from Botosani -Romania I want to report that i was DDoS-ed from a Hurricane Electric's site pluto.he.net (icmp packets) starting from 25 Jul - 3 AM local time (GMT+2). At this time 12 PM (local time) we are still atacked. I have report the atack to the he.net and pluto.he.net admins...waiting for them to take necessary measures Thanks -------------------------------------- Macsim Catalin Phone: +40-(0)92-756838 Network Administrator - Petar Software
________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Current thread:
- flood Petar Computers RooT (Jul 25)
- <Possible follow-ups>
- Re: flood Matt Merhar (Jul 26)