DoS
From: Aleksey Domorad (aleksey@lioha.com)Date: 01/07/02
- Previous message: Pybus, David: "Re: Locking Down a Linux Box"
- Next in thread: Nathan W. Labadie: "Re: DoS"
- Reply: Nathan W. Labadie: "Re: DoS"
- Reply: Andrew Hatfield: "RE: DoS"
- Reply: Thomas Smith: "Re: DoS"
- Reply: Michael Boman: "Re: DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Aleksey Domorad" <aleksey@lioha.com> To: <focus-linux@lists.securityfocus.com> Date: Mon, 7 Jan 2002 11:23:03 -0500
Hi All
I just noticed that my box was DoS'ed
here is the example of SNORT log entry
[**] DDOS shaft synflood [**]
01/07-08:21:35.632619 0:2:17:62:12:A5 -> 0:10:4B:C5:F:D type:0x800 len:0x3C
194.77.208.1:1580 -> XXX.XXX.XXX.XXX:111 TCP TTL:16 TOS:0x0 ID:58100
IpLen:20 DgmLen:40
******S* Seq: 0x28374839 Ack: 0x2294E541 Win: 0xFFFF TcpLen: 20
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
I'd like to know if there is anykind of software that can besides detecting
DoS attack also report via any tool to Administrator and or ISP Abuse Email
Thank You
- Previous message: Pybus, David: "Re: Locking Down a Linux Box"
- Next in thread: Nathan W. Labadie: "Re: DoS"
- Reply: Nathan W. Labadie: "Re: DoS"
- Reply: Andrew Hatfield: "RE: DoS"
- Reply: Thomas Smith: "Re: DoS"
- Reply: Michael Boman: "Re: DoS"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
