[Dshield] Am I being used for DOS or something worse?

Ed Truitt ed.truitt at etee2k.net
Tue Jul 9 23:35:18 GMT 2002


I would suggest you give the folks at dios.net a call.  Their WHOIS
information shows a toll-free number for the technical contact.

Registrant:
 DIOS, INC.
 3234 Eastern Avenue
 Baltimore, MD 21224
 US

 Domain Name: DIOS.NET

 Technical Contact:
    Registrations, Network  hostmaster [at] mdonline.net
    3234 Eastern Avenue
    Baltimore, MD 21224-4012
    US
    888-481-6931
    Fax: 410-327-5804



----- Original Message -----
From: "Tim Rushing" <dshield at threenorth.com>
To: <list at dshield.org>
Sent: Tuesday, July 09, 2002 3:27 PM
Subject: [Dshield] Am I being used for DOS or something worse?


> I'm definitely in over my head and looking for wisdom.
[snip]
> What is the best course of action here?  If it weren't for the restart, it
> looks to me like a DOS attempt on dios.net.  I think it is possible that
> the restart actually was initiated by my hosting company without the
person
> I was talking to actually being aware that it had been completed.
>
> But is spoofing an address with an incomplete TCP handshake really a good
> multiplier for DOS?  I mean, yes, it multiplies the packets, but not by
> much.  Doesn't seem very efficient to me.
>
> This is still ongoing at this time.
>
>        ---Tim Rushing
[snip]




More information about the list mailing list