Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: 8 hours of pinging

From: epadin () WAGWEB COM (Ed Padin)
Date: Tue, 28 Mar 2000 18:09:56 -0500

I have a client that's looking to block access to napster. Is there a way to
find out all the IP addresses that the napster server uses? I know that a
simple packet snatch can answer that but I want to make sure I get the whole
range of addresses and was hoping that someone already had the information.


-----Original Message-----
From: Foley, Michael P [mailto:michael_p_foley () GROTON PFIZER COM]
Sent: Wednesday, March 22, 2000 2:26 PM
To: INCIDENTS () SECURITYFOCUS COM
Subject: 8 hours of pinging


SNOP


98ABE1CC.ipt.aol.com
I have seen this happen with Napster running on my machine.
Below is a copy
of a log entry (Captured by BlackIce) while running Napster.

Mar 12 2000 | 18:24:13 | Echo reply without request | 171.209.28.47 |
MARKCUNN

A full list of the log file can be seen at
http://www.members.home.com/tragic101/icelog/log.html
this list is updated in realtime as attacks occur.

-mike


On 20 Mar 2000, at 9:20, Jim Lindstrom wrote:


I have a machine on the @Home network whose logs I monitor in
real-time.  Last night from 12:40am to about 8:35am (central

standard us

time), the machine was continously pinged, at a rate of 5 to 10 times
per minute, from machines all over the world.  I don't think this was
intended as a DDoS, due to the low rate of firings, but what

else could

this have been?
Previous By Date Next
Previous By Thread Next

Current thread: