Re: DDoS Attack

From: Sebastian Jaenicke (tsa_at_jaenicke.org)
Date: 05/22/03

Next message: Whiteside, Larry [contractor]: "RE: Possible Intrusion Attempt?"

Previous message: Muhammad Naseer Bhatti: "Re: ICMP/SYN Flood"
In reply to: Steven Shepherd: "DDoS Attack"
Next in thread: lists_at_khimich.com: "Re: DDoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 22 May 2003 21:22:06 +0200
To: incidents@securityfocus.com

On Thu, May 22, 2003 at 01:13:27PM -0400, Steven Shepherd wrote:
[..]
> GET +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ +
> +ATH0+ + +ATH0+ + +\x01TH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ +
> +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+ + +ATH0+

At least this part seems to target modem users, "ATH0" being the command
to hang up a line in the Hayes command set.

- Sebastian

-- 
Sebastian Jaenicke                                   Disce aut discede!
whois pgpkey-18AC0BE4 -h whois.ripe.net|perl -ne's-^certif: +--&&print'

application/pgp-signature attachment: stored

Next message: Whiteside, Larry [contractor]: "RE: Possible Intrusion Attempt?"

Previous message: Muhammad Naseer Bhatti: "Re: ICMP/SYN Flood"
In reply to: Steven Shepherd: "DDoS Attack"
Next in thread: lists_at_khimich.com: "Re: DDoS Attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]