DoS

From: Aleksey Domorad (aleksey@lioha.com)
Date: 01/07/02


From: "Aleksey Domorad" <aleksey@lioha.com>
To: <focus-linux@lists.securityfocus.com>
Date: Mon, 7 Jan 2002 11:23:03 -0500

Hi All

I just noticed that my box was DoS'ed
here is the example of SNORT log entry

[**] DDOS shaft synflood [**]
01/07-08:21:35.632619 0:2:17:62:12:A5 -> 0:10:4B:C5:F:D type:0x800 len:0x3C
194.77.208.1:1580 -> XXX.XXX.XXX.XXX:111 TCP TTL:16 TOS:0x0 ID:58100
IpLen:20 DgmLen:40
******S* Seq: 0x28374839 Ack: 0x2294E541 Win: 0xFFFF TcpLen: 20

=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+

I'd like to know if there is anykind of software that can besides detecting
DoS attack also report via any tool to Administrator and or ISP Abuse Email

Thank You