[Dshield] what kind of attack is this?

Guy Barnum GuyBarnum at Armscole.com
Sat Feb 14 14:36:44 GMT 2004


Thank you, I'll check out those tools to look into the processes.  I've
been going down the process list one entry at a time and googling each
one and haven't found anything illegal yet.

"With this little to go on, "

What information should I be posting to get better feedback do you
think?  I'll post anything up you want to see.  I have extensive
Ethereal captures displaying detailed packet content.

BTW I have a CISCO firewall appliance in front of the server and I've
filtered the outgoing traffic on the culprit port.  The appliance is so
over loaded by the volume it is filtering it effectively creates a DOS
on the internal side of the firewall...

GLB




More information about the list mailing list