nanog mailing list archives
Re: Possible New type of DOS attack
From: "Mike Lewinski" <mike () rockynet com>
Date: Mon, 25 Mar 2002 14:52:00 -0700
It was probably a large packet flood to random destination ports. Some of them happened to hit rshell. What really took out your routing procs was likely a huge packet flood, but due to volume you may not have been able to access normal interface counters (i.e. MRTG doesn't get any SNMP packets back when OSPF goes bye-bye). Mike ----- Original Message ----- From: "Vinny India" <vindia () ads espire net> To: <nanog () merit edu> Sent: Monday, March 25, 2002 2:44 PM Subject: Possible New type of DOS attack
Anyone out there ever witness an attack were you received several RSHPORT attempts (5 per second) on a cisco router from different spoofed source addresses. It was capable of taking out BGP and OSPF sessions on the
router.
Current thread:
- Possible New type of DOS attack Vinny India (Mar 25)
- Re: Possible New type of DOS attack Mike Lewinski (Mar 25)