Re: Odd Increase in Malformed Packets Aimed at Port 0

From: Jose Nazario (jose_at_monkey.org)
Date: 10/19/05

Next message: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"

Previous message: steven_at_lovebug.org: "Dismantling Botnets?"
In reply to: crusher_at_spamcop.net: "Odd Increase in Malformed Packets Aimed at Port 0"
Next in thread: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"
Reply: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 19 Oct 2005 12:03:31 -0400 (EDT)
To: crusher@spamcop.net

could be fragmented traffic. can you secure a tcpdump log of the traffic?
that will reveal more attributes of the traffic than the firewall logs
you shared.

another poster here was discussing a recent spike in fragmented UDP
traffic, too.

________
jose nazario, ph.d. jose@monkey.org
http://monkey.org/~jose/ http://infosecdaily.net/
http://www.wormblog.com/

Next message: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"

Previous message: steven_at_lovebug.org: "Dismantling Botnets?"
In reply to: crusher_at_spamcop.net: "Odd Increase in Malformed Packets Aimed at Port 0"
Next in thread: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"
Reply: Steve Porter: "Re: Odd Increase in Malformed Packets Aimed at Port 0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]