Security Incidents mailing list archives
62.158.159.87 syn-flooding
From: Rainer Weikusat <weikusat () MAIL UNI-MAINZ DE>
Date: Sun, 28 Jan 2001 14:00:28 +0100
I wonder if this is a global scale idiot or if whe
somehow annoyed him. fwiw
Jan 28 12:44:29 karfinux kernel: Packet log: tcp_in REJECT eth0 PROTO=6 62.158.159.87:1488 134.93.42.1:20 L=48 S=0x00
I=62824 F=0x4000 T=113 SYN (#6)
Jan 28 12:44:29 karfinux in.ftpd[6714]: connect from 62.158.159.87
Jan 28 12:44:29 karfinux ftpd[6714]: connection from p3E9E9F57.dip.t-dialin.net
Jan 28 12:44:29 karfinux sshd[298]: debug: Forked child 6715.
Jan 28 12:44:29 karfinux sshd[6715]: connect from 62.158.159.87
Jan 28 12:44:29 karfinux sshd[6715]: log: Connection from 62.158.159.87 port 1490
Jan 28 12:44:29 karfinux kernel: Packet log: tcp_in REJECT eth0 PROTO=6 62.158.159.87:1491 134.93.42.1:23 L=48 S=0x00
I=64616 F=0x4000 T=113 SYN (#6)
[continuuos, incl ftpd-DoS ('looping')]
Jan 28 13:48:28 karfinux kernel: Packet log: input DENY eth0 PROTO=6 62.158.159.87:4886 134.93.42.1:22 L=48 S=0x00
I=5888 F=0x4000 T=113 SYN (#1)
Jan 28 13:48:28 karfinux kernel: Packet log: input DENY eth0 PROTO=6 62.158.159.87:4892 134.93.42.1:22 L=48 S=0x00
I=6144 F=0x4000 T=113 SYN (#1)
Jan 28 13:48:28 karfinux kernel: Packet log: input DENY eth0 PROTO=6 62.158.159.87:4876 134.93.42.1:22 L=48 S=0x00
I=6400 F=0x4000 T=113 SYN (#1)
Jan 28 13:48:28 karfinux kernel: Packet log: input DENY eth0 PROTO=6 62.158.159.87:4895 134.93.42.1:22 L=48 S=0x00
I=6656 F=0x4000 T=113 SYN (#1)
Jan 28 13:48:28 karfinux kernel: Packet log: input DENY eth0 PROTO=6 62.158.159.87:4885 134.93.42.1:22 L=48 S=0x00
I=6912 F=0x4000 T=113 SYN (#1)
Jan 2
--
SIGSTOP
Current thread:
- 62.158.159.87 syn-flooding Rainer Weikusat (Jan 29)
- <Possible follow-ups>
- Re: 62.158.159.87 syn-flooding Bill Royds (Jan 29)
- Wingate 1080/8080 Scans Brian Taylor (Jan 30)
- Re: Wingate 1080/8080 Scans James Kelty (Jan 31)
- Wingate 1080/8080 Scans Brian Taylor (Jan 30)