[Dshield] Ping??? DOS???? From DELL.COM
russ.washington at vaultsentry.com
Fri Jun 21 15:48:40 GMT 2002
Ack, good point.
And the funny thing is that I started to type "maybe just ICMP type 8" but I
decided to try to keep it simple instead. D'oh! :)
From: E.B. Dreger [mailto:eddy+public+spam at noc.everquick.net]
Sent: Thursday, June 20, 2002 8:14 PM
To: 'list at dshield.org'
Subject: RE: [Dshield] Ping??? DOS???? From DELL.COM
RW> Date: Thu, 20 Jun 2002 14:55:14 -0700
RW> From: Russell Washington
RW> It's entirely possible that someone is spoofing the dell.com IPs...
RW> you may want to consider dropping ICMP entirely until this passes.
RW> You may find out after doing so that there are other kinds of
RW> traffic involved in the attack...
Don't drop all ICMP. Allow unreachables to pass... else you break path MTU
Brotsman & Dreger, Inc. - EverQuick Internet Division Bandwidth, consulting,
e-commerce, hosting, and network building
Phone: +1 (785) 865-5885 Lawrence and [inter]national
Phone: +1 (316) 794-8922 Wichita
Date: Mon, 21 May 2001 11:23:58 +0000 (GMT)
From: A Trap <blacklist at brics.com>
To: blacklist at brics.com
Subject: Please ignore this portion of my mail signature.
These last few lines are a trap for address-harvesting spambots. Do NOT send
mail to <blacklist at brics.com>, or you are likely to be blocked.
Dshield mailing list
Dshield at dshield.org
To change your subscription options (or unsubscribe), see:
More information about the list