RE: Attacks on GRC.com

From: Chmielarski TOM-ATC090 (Tom.Chmielarski@motorola.com)
Date: 02/28/02


From: Chmielarski TOM-ATC090 <Tom.Chmielarski@motorola.com>
To: "'HarryM'" <harrym@the-group.org>
Date: Thu, 28 Feb 2002 12:48:52 -0600

Harry,
You might find these a worthwhile read, two articles by DDoS expert Dave
Dittrich.

About the type of attack:
http://staff.washington.edu/dittrich/misc/ddos/grc-syn.txt

About the GRC article itself:
http://staff.washington.edu/dittrich/misc/ddos/grc-reply.txt

-Tom

-----Original Message-----
From: HarryM [mailto:harrym@the-group.org]
Sent: Thursday, February 28, 2002 4:46 AM
To: incidents@securityfocus.org
Subject: RE: Attacks on GRC.com

To the moderator:
    I'm not sure if this is on-topic for incidents since it's kind of a poke
at Steve Gibson as well as a question :)
    Would you mind sending this to the appropriate list if incidents is the
wrong one? I'm on incidents, bugtraq, vuln-dev and webappsec.
    Thanks.

RE Gibson's 'report' here: http://grc.com/dos/drdos.htm

I know I heard about this type of attack quite some time ago, although I
don't remember it being given a name. Gibson has dubbed this a 'Distributed
Reflection Denial of Service' attack in his typical 'media-darling' style.
Has the *real* security community given this type of attack a name? If so,
what? And is there any defence, possibly automated, that server admins can
implement against innocent servers being abused in this way by crackers? Are
there any IDSs that can detect this type of activity?

I'm new to security in general so forgive me if any of those questions are
dumb!

Harry

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
