RE: DOS ATTACK

From: Jose Nazario (jose@monkey.org)
Date: 10/29/02

• Previous message: Alex Lambert: "Re: DOS ATTACK"
• In reply to: David Vincent: "RE: DOS ATTACK"
• Next in thread: McCammon, Keith: "RE: DOS ATTACK"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Mon, 28 Oct 2002 22:21:43 -0500 (EST)
From: Jose Nazario <jose@monkey.org>
To: David Vincent <david.vincent@mightyoaks.com>

On Mon, 28 Oct 2002, David Vincent wrote:

> add a firewall (such as the wonderful kerio personal firewall -
> http://www.kerio.com) and block that IP from accessing the machine.

work with your service provider to block it as far upstream as possible. a
simple tracepath or prtraceroute [1] will help you see how far your
service provider's network goes back towards that source. firewalling at
your system, once its flooded your bandwidth, is a waste of effort.

1. http://monkey.org/~jose/software/tracepath/

___________________________
jose nazario, ph.d. jose@monkey.org
                                        http://www.monkey.org/~jose/

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com

---

• Previous message: Alex Lambert: "Re: DOS ATTACK"
• In reply to: David Vincent: "RE: DOS ATTACK"
• Next in thread: McCammon, Keith: "RE: DOS ATTACK"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > incidents  > 2002-10