Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: flood

From: Matt Merhar <grid_goolah () HOTMAIL COM>
Date: Tue, 25 Jul 2000 23:05:27 EDT
The attack is probably spoofed, as I doubt www.he.net (what the ip of
pluto.he.net also has pointed to it), a LARGE webhosting company (multiple
oc-3's) has been compromised, and if they have been, they would've noticed
the abnormal ICMP traffic originating from one of their hosts by now.


From: Petar Computers RooT <root () NS PETAR RO>
Reply-To: Petar Computers RooT <root () NS PETAR RO>
To: INCIDENTS () SECURITYFOCUS COM
Subject: flood
Date: Tue, 25 Jul 2000 12:35:44 +0300

Hi
I am network administrator at a local ISP (Petar Software) from Botosani
-Romania
I want to report that i was DDoS-ed from a  Hurricane Electric's  site
pluto.he.net (icmp packets) starting from 25 Jul - 3 AM local time
(GMT+2). At this time 12 PM (local time) we
are still atacked.
 I have report the atack to the he.net and pluto.he.net admins...waiting
for them to take necessary measures
 Thanks
--------------------------------------
Macsim Catalin    Phone:    +40-(0)92-756838
Network Administrator - Petar Software


________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Previous By Date Next
Previous By Thread Next

Current thread: