Security Incidents mailing list archives
spoofed syn flooding
From: brspengler () SALISBURYMD ORG (Brad Spengler)
Date: Tue, 30 May 2000 20:21:31 -0400
hello. recently one of my machines here was attacked by spoofed syn flooding. the host was attacked on port 143 (imap)..however i wasn't running that service. i have contacted abuse () bellatlantic net, who owns the internet connection of the host on my network. i sent them logs of the attack and of the cpu utilization of the system during the attack. i was wondering what other information i should have/use and what sort of action i can take against this? i know that the isp can trace the packets through routers back to the attacker, however is there any legal or other action that can be taken? any help at all would be greatly appreciated.
Current thread:
- spoofed syn flooding Brad Spengler (May 30)