funsec mailing list archives
DoS help
From: RandallM <randallm () fidmail com>
Date: Mon, 8 Nov 2010 17:05:42 -0600
hi sorry for interrupting the fun in funsec, I work for a small promotional products company that today experienced DoS. Most of you here are above me in understanding such so i will spare you the whole story and am asking for advice to present to my CIO on what measures can be taken to prevent another day where it cost us $$$! Once I found the "UDP Echo request" pounding us and contacted ATT/SBC explaining to them how rebooting the router opened the internet for a few minutes until these same request started pounding again all they could tell me was to "email to them" a request to block. Well...the Echo request hit again our IP block address using another IP (both from FR.), the first hits were morning, second wer about two hours of it in the afternoon (I've never experienced where it hit the whole damn thing X.X.X.255) My CIO wants to know what can be done so they can report this to the CEO. At the moment we have two Radware boxes capable of controling our DNS and taking two internet ISP (att or whomever we choose). In theory would switching our ip blocks from one ISP to the other control such? Or would it just also follow? -- been great, thanks RandyM a.k.a System _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- DoS help RandallM (Nov 08)
- Re: DoS help Dan White (Nov 08)
- Re: DoS help Thomas M Carlsson (Nov 08)
- Re: DoS help der Mouse (Nov 08)
- <Possible follow-ups>
- Re: DoS help RandallM (Nov 09)
- Re: DoS help RandallM (Nov 09)