Full Disclosure mailing list archives
Attack profiling tool?
From: "Gareth Blades" <list.fulldisclosure () webscreen-technology com>
Date: Thu, 10 Jul 2003 16:12:01 +0100
I have seen a few occurances of someone opening up HTTPS connections on one of our servers until they reach a point where they fail to open up any more connections 3 times. They then close down all the connections. You can see a full packet trace at http://www.webscreen-technology.com/temp/attack20030707.htm I have seen this a number of times from various IP addresses and it is always exactly the same. Our product which detected this prevents against these types of attacks anyway so it is not a problem but I was wondering if it is a particular attack tool going round the Internet profiling different sites to see how many connections they support. -- Gareth Blades Webscreen Technology _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Attack profiling tool? Gareth Blades (Jul 10)
- Re: Attack profiling tool? morning_wood (Jul 10)
- Re: Attack profiling tool? daniel uriah clemens (Jul 10)
- RE: Attack profiling tool? Gareth Blades (Jul 11)
- <Possible follow-ups>
- RE: Attack profiling tool? Gareth Blades (Jul 11)
- RE: Attack profiling tool? Gareth Blades (Jul 11)
- RE: RE: Attack profiling tool? Gareth Blades (Jul 11)
- RE: RE: Attack profiling tool? Ron DuFresne (Jul 11)
- RE: RE: Attack profiling tool? Gareth Blades (Jul 11)
- RE: RE: Attack profiling tool? Ron DuFresne (Jul 11)
- RE: RE: Attack profiling tool? Gareth Blades (Jul 11)
- RE: RE: Attack profiling tool? Ron DuFresne (Jul 11)
(Thread continues...)