Security Incidents mailing list archives
RE: DoS "Probing" on one of our hosts
From: "Donald Voss" <voss () albany edu>
Date: Mon, 30 Jun 2003 11:57:40 -0400
Hello Chris .. Not to be a jerk .. but could it have been a file sharing app or two or three .. a rooted box .. = warez ftp ? You never know until you look close. We have had students here do the file sharing thing .. then of course everyone sorts the hits by speed .. then queues up a few hindered .. so our pipe has been filled from outside connections .. can anyone say packeteer .. regards, /don chown -r us:us /yourbase/ -----Original Message----- From: Christopher Kunz [mailto:chrislist () de-punkt de] Sent: Monday, June 30, 2003 3:37 AM To: incidents () securityfocus com Subject: Re: DoS "Probing" on one of our hosts Harlan Carvey wrote:
I'm very interested to see what information you can provide on this event, to show that it was, in fact, a DoS attack.
Uhm, I'm quite positive that 97.8 mBit coming in through our uplink are a pretty good indicator for an attack. And by "probing" I meant that maybe the attacker only tried to determine our maximum bandwidth for a larger-scale attack, since the DoSes stopped fairly soon without any outer influence. --ck -- php development | hosting | housing | professional game server hosting http://www.de-punkt.de [ chris () de-punkt de ] http://www.stormix.de +49 511 1237504 | +49 511 1237505 | laportestr. 2a, 30449 hannover.de Filoo auf dem Linuxtag 2003 (F15) - http://www.de-punkt.de/lt2003.php ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the world's premier technical IT security event! 10 tracks, 15 training sessions, 1,800 delegates from 30 nations including all of the top experts, from CSO's to "underground" security specialists. See for yourself what the buzz is about! Early-bird registration ends July 3. This event will sell out. www.blackhat.com ----------------------------------------------------------------------------
Current thread:
- DoS "Probing" on one of our hosts Christopher Kunz (Jun 29)
- Re: DoS "Probing" on one of our hosts Chris Calvert (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- Re: DoS "Probing" on one of our hosts Edward Balas (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- <Possible follow-ups>
- re: DoS "Probing" on one of our hosts Harlan Carvey (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- RE: DoS "Probing" on one of our hosts Donald Voss (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- Re: DoS "Probing" on one of our hosts Chris Calvert (Jun 30)
- RE: DoS "Probing" on one of our hosts Keith T. Morgan (Jun 30)
- RE: DoS "Probing" on one of our hosts King, Brian (Jun 30)
- Re: DoS "Probing" on one of our hosts Christopher Kunz (Jun 30)
- RE: DoS "Probing" on one of our hosts Cook, Christopher S. (Jun 30)
- RE: DoS "Probing" on one of our hosts Harlan Carvey (Jun 30)
- RE: DoS "Probing" on one of our hosts Stone, Alexander (Jun 30)