Re: SYN Flood attack with sequential destination ports?
From: Joerg Over (over@dexia.de)Date: 11/08/01
- Previous message: H C: "Re: Corrupted Directories, Intrusions, and Nimda Oh MY"
- In reply to: Joshua Wright: "SYN Flood attack with sequential destination ports?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <3.0.6.32.20011108200850.00904420@10.0.0.4> Date: Thu, 08 Nov 2001 20:08:50 +0100 To: incidents@securityfocus.com From: Joerg Over <over@dexia.de> Subject: Re: SYN Flood attack with sequential destination ports?
Hi!
At 12:55 08.11.01 -0500 you wrote:
->The interesting characteristic is the destination port is sequential - each
->phase of attack starting at 3039 and ending arouind 34431.
--8<------------------------------------------------------------------------
Ever thought it could be a syn scan instead of a syn flood?
:)
Greetings, jo
+-------------------------------------------------------------------+
| __ __ __ __ _ _ It ain't over 'till it's Joerg Over... |
| / _ \ V / -_) '_/ |
| \___/\_/\___|_| |
+-------------------------------------------------------------------+
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Previous message: H C: "Re: Corrupted Directories, Intrusions, and Nimda Oh MY"
- In reply to: Joshua Wright: "SYN Flood attack with sequential destination ports?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
