Security Incidents mailing list archives
DDoS Attacks to several Networks (Switzerland)
From: michi () digicomp ch
Date: Thu, 20 Dec 2001 18:12:15 +0100
Hello there, Thuesday we've had a DDoS coming from 500 different sources. It was a "tcp-packet-flood" to unpriviledged ports. The DDoS take our network down for 2 hours. I called our ISP to block some IP's which has been spammed with these packets. There wasn't any sheme in the source IP's, looked like they were spoofed, 500 different hosts are a lot. At the same time two networks of friends (all in Switzerland) were DDoSed also, with same sheme. One friend reported that at the same time one box which was running an old version of ssh was owned, or probably owned by the same guy who did the DDoS. I think the "attacker" has found the ip's to attack on IRC. The attacks started from 2pm until 5pm (CET). Greetings Michi ------------------------------------------------- DIGICOMP AG Michi Zaugg Network & Security Limmatstr. 50 8005 Zuerich mailto: michi () digicomp ch mob: +41 (0) 79 245 75 34 tel: +41 (0) 1 447 21 46 fax: +41 (0) 1 447 21 51 ------------------------------------------------- - we're the dot in .digicomp ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- DDoS Attacks to several Networks (Switzerland) michi (Dec 20)
- RE: DDoS Attacks to several Networks (Switzerland) List-Collector (Dec 21)