Re: DDOS in progress?
From: Tim Haynes (usenet-20030826_at_stirfried.vegetable.org.uk)
Date: 08/26/03
- Next message: David: "Re: DDOS in progress?"
- Previous message: svek: "Re: Why are there few viruses for UNIX/Linux systems?"
- In reply to: David: "Re: DDOS in progress?"
- Next in thread: David: "Re: DDOS in progress?"
- Reply: David: "Re: DDOS in progress?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 26 Aug 2003 15:29:32 +0100
David <thunderbolt01@netscape.net> writes:
> Tony Curtis wrote:
>> I predict (some of) these hosts are also hitting you (or
>> trying) with tcp:135.
>> It's one of those MS worms/virii (Blaster I think).
>> http://www.cert.org/advisories/CA-2003-20.html
>
> I hadn't thought about Blaster though it could very possibly be a part of
> the problem. It would sure be nice if M$ would get off their A$$ and fix
> their ?????
Check to see if they're 92bytes long - if so, it's blaster. Otherwise, it's
either random noise or PMTU (normally 1500 with DF=1).
~Tim
-- The candles of enlightenment |piglet@stirfried.vegetable.org.uk Once lit, they say, don't burn |http://spodzone.org.uk/
- Next message: David: "Re: DDOS in progress?"
- Previous message: svek: "Re: Why are there few viruses for UNIX/Linux systems?"
- In reply to: David: "Re: DDOS in progress?"
- Next in thread: David: "Re: DDOS in progress?"
- Reply: David: "Re: DDOS in progress?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
