Re: UDP Port 80 Flooding

["Christopher L. Morrow" <christopher.morrow () mci com>]

On Tue, 8 Feb 2005, Greg Boehnlein wrote:

> Anyone seen a rash of UDP port 80 packet floods lately? We found a huge
> flood of packets from an address in Taiwan flooding into a customer's IP
> on our LAN yesterday, which pushed traffic counts off the charts. Any idea
> what might be at the heart of this?

made 'famous' around may-day 2001... Chinese vs US 'hackers', the chinese
folks got quite a letter writing campaign going, had all their friends
download a 'network testing tool' from foundstone (I think) a little
windows app that would allow you to put in:
port
protocol
size
(perhaps time)

and flood away! :) It was 'great' because you could figure the problem out
quickly and filter/rate-limit udp/80 traffic :) Today I imagine it's
probably some purpose built code to just pummel out udp traffic, but this
is far from 'new' :(