Re: DOS Attack?
From: Anthony Boynes (aboynes_at_cox.net)
Date: 11/26/04
- Previous message: Jorge Gajon: "Re: log monitoring, changing iptables"
- In reply to: Shawn Wall: "DOS Attack?"
- Next in thread: David Gillett: "RE: DOS Attack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 26 Nov 2004 06:46:42 -0700 To: security-basics@securityfocus.com
Shawn Wall wrote:
>Hi List,
>
>I'm currently experiencing network outages due to what appears to be DOS
>attacks. I'm running a wireless ISP using a Cisco 2611 and CBAC and I have a
>/24 public address range. During the outage I can see traffic from a single
>external host sending thousands of packets to a single internal host. I
>don't have port 80 inbound open in my ACLs so I don't understand how the
>external host is even able to contact the internal host to begin with.
>Secondly, how is it possible for an attack on 1 internal host to cripple the
>rest of my network? Any feedback would be welcome. Thanks.
>
>shawn
>
>
>
>
>
How are you viewing this traffic? Could it be spoofed from the inside?
Are there any abnormal broadcasts occurring?
Anthony Boynes
- Previous message: Jorge Gajon: "Re: log monitoring, changing iptables"
- In reply to: Shawn Wall: "DOS Attack?"
- Next in thread: David Gillett: "RE: DOS Attack?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
