DDoS Traffic
Date: Sat, 30 Jul 2005 14:43:08 GMT
Is there any work on characterizing DDoS traffic at
the router? at the host? Would there be correlation
between the information in the packets? Thanks.
Relevant Pages
- Re: Duplicate Echo Replies with Channel Bonding
... In this mode both interfaces receive packets, ... >When both eth0 and eth1 are up and I ping from Host C to Host A I get ... >The destination network 192.168.120.0/24 exists on both Router A and ... Switch B does not have the MAC address in its MAC address table ...
(RedHat) - Re: Ip spoof from 0.0.0.0
... - A passive spoofed portscan with the attacker on the local ... segment watching the response packets go out to the default ... If a host responds to the syn packet sourced from 0.0.0.0 with an ack, ... it goes to the router either with the destination IP address rewritten ...
(Incidents) - Re: [Full-Disclosure] ICMP Covert channels question
... what i meant was what if i use the networks router as a bounce ... > internal host will it send the echoreply to its lan port? ... > firewall all I'd have to do is make it send packets to a bounce server ... > outsede the network, like google.com with source set to my ip ...
(Full-Disclosure) - Re: port 0 not stealth
... and the less likely they are to just move to the next host. ... the next host in line faster than dropping packets. ... if the ISP configures the router that way. ...
(comp.security.firewalls) - Re: Strange networking problems after update 5.2.1->5.3
... > other host. ... with some OS's ignoring it, others not, etc. So if the router refuses to ... >>packets missing at some step, the wrong address, or the like. ...
(freebsd-stable) |
|
