Security Incidents mailing list archives
Re: Ping flood? Whats the point?
From: Don () TECHISG ORG (Don)
Date: Wed, 2 Feb 2000 19:37:45 +0100
Well, I experienced the same problem myself once. Since the number of IP's is too large, it can't be possible for the flooder too "own" them all. My conclusion was that it are spoofed IP's comming from one or several hosts. Because all IP's are random and spoofed it will not be possible to trace them. It's most likely the flooder is trying to flood you down so that it's impossible for the target host to do anything. I have seen several programms capable of doing this, one of them is "trinnoo flood network" or something like this. It opperates by running client software on computers which can be triggered by a server and then the flooding begins. As far as I know there's nothing you can do to trace the flooder... (could it be possible to trace via ARP stuff?) -- _________________________ |Don | |Don () TechISG org | |TechISG Organization | |http://www.TechISG.org | ------------------------- Bill Pennington wrote:
A few moments ago my firewall logs started filling up with messages below. Basiclly ICMP Echos for all over the place. I have not had a lot of time to research but it seems like a fairly random IP address distribution and the few that I looked up seemed to originate from .kr and .ar should I assume that all these boxes have been comprimised? Should I attempt to contact all the owners? What is the attacker trying to accomplish? Below is a small portion of the log file. *snip* -- Bill Pennington IT Manager Rocketcash billp () rocketcash com http://www.rocketcash.com
Current thread:
- Ping flood? Whats the point? Bill Pennington (Feb 01)
- Re: Ping flood? Whats the point? Ryan Sweat (Feb 02)
- <Possible follow-ups>
- Re: Ping flood? Whats the point? Don (Feb 02)
- tracing spoofing (Was Re: Ping flood? Whats the point?) Dragos Ruiu (Feb 03)
- Re: Ping flood? Whats the point? Andy David (Feb 03)
- Re: Ping flood? Whats the point? Bill Pennington (Feb 05)
- Re: Ping flood? Whats the point? Russell Fulton (Feb 06)
- Re: Ping flood? Whats the point? Chuck Phillips (Feb 05)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 07)
- Re: Ping flood? Whats the point? Filip M. Gieszczykiewicz (Feb 08)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 08)
- Re: Ping flood? Whats the point? Russell Fulton (Feb 09)
- Re: Ping flood? Whats the point? Thomas Vincent (Feb 09)
- Re: Ping flood? Whats the point? Kerry Baker (Feb 07)