Security Incidents mailing list archives
Help?
From: interfaced <christopher.shuttsinghaus () VERIZON NET>
Date: Thu, 22 Feb 2001 02:04:14 -0500
Hello, I was hoping someone had a few words of advice to someone who seems to be getting the butt-end of packet kiddies pranks. It started on irc and now it seems i am just a toy to see how many times they can possibly disconnect me. Currently I run Mandrake 7.2 with Ipchains and sniffing via Snort. I can't exactly get their ips to report them because they use the ever popular "smurf" attack. I was wondering if anyone had some suggestions to tighten up security. I block all icmp via ipchains, but no luck, I still recieve the packets which in turn does its damage. So if someone has an idea, I am willing to listen. Thankx Alot in advance, Chris P.S I see alot of e-mail where the people have the exact protocol of the recieved packet, where can I get a set of these rules for Snort? ex. [**] IDS159 - PING Microsoft Windows [**] 02/18-10:55:48.380987 64.6.180.88 -> 10.x.x.x
Current thread:
- Help? interfaced (Feb 22)