From owner-freebsd-hackers@FreeBSD.ORG Mon Nov 26 16:03:39 2007 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A257116A420 for ; Mon, 26 Nov 2007 16:03:39 +0000 (UTC) (envelope-from jandrese@mitre.org) Received: from smtp-bedford.mitre.org (smtp-bedford.mitre.org [192.160.51.76]) by mx1.freebsd.org (Postfix) with ESMTP id 4B82B13C47E for ; Mon, 26 Nov 2007 16:03:39 +0000 (UTC) (envelope-from jandrese@mitre.org) Received: from smtp-bedford.mitre.org (localhost.localdomain [127.0.0.1]) by smtp-bedford.mitre.org (8.12.11.20060308/8.12.11) with SMTP id lAQFpPwB009848 for ; Mon, 26 Nov 2007 10:51:25 -0500 Received: from smtp-bedford.mitre.org (localhost.localdomain [127.0.0.1]) by smtp-bedford.mitre.org (Postfix) with ESMTP id A778EBF97 for ; Mon, 26 Nov 2007 10:51:25 -0500 (EST) Received: from IMCFE1.MITRE.ORG (imcfe1.mitre.org [129.83.29.3]) by smtp-bedford.mitre.org (8.12.11.20060308/8.12.11) with ESMTP id lAQFpPsG009821; Mon, 26 Nov 2007 10:51:25 -0500 Received: from IMCSRV6.MITRE.ORG ([129.83.20.237]) by IMCFE1.MITRE.ORG with Microsoft SMTPSVC(6.0.3790.1830); Mon, 26 Nov 2007 10:51:25 -0500 X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Date: Mon, 26 Nov 2007 10:51:23 -0500 Message-ID: <53B52415C756A84E8A169F0E3673A329909080@IMCSRV6.MITRE.ORG> In-Reply-To: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Welcome to Hell / Mysterious networking troubles on FreeBSD Thread-Index: Acgu6+6nrfUbzL6LRPuoa3pimsaPpgBV/K7g References: <000101c82ed9$4d0986b0$0200a8c0@windsor><4748A0FA.1060402@elischer.org> From: "Andresen, Jason R." To: "Jeff Mohler" , "Julian Elischer" X-OriginalArrivalTime: 26 Nov 2007 15:51:25.0067 (UTC) FILETIME=[32F1B5B0:01C83044] Cc: freebsd-hackers@freebsd.org, "Joel V." Subject: RE: Welcome to Hell / Mysterious networking troubles on FreeBSD X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Nov 2007 16:03:39 -0000 >From: owner-freebsd-hackers@freebsd.org=20 >[mailto:owner-freebsd-hackers@freebsd.org] On Behalf Of Jeff Mohler > >On Nov 24, 2007 2:08 PM, Julian Elischer wrote: > >> Joel V. wrote: >> > Hello. >> > >> > A big thanks to everyone who contacted me. FreeBSD really=20 >has the best >> > community one could help for. >> > >> > Now, it has been confirmed by the backbone manager that=20 >we're dealing >> with a >> > DDOS attack. However, the ISP seems to be as clueless as a headless >> sheep, >> > and we haven't been able to contact their technical staff=20 >yet (of course >> one >> > can't be 100% sure that they even have a technical staff,=20 >judging by the >> > level of their response). >> > >> > Hopefully the situation will be fixed soon. One final=20 >question though: >> are >> > there any quick steps one can take to protect their server=20 >from DDOS >> attacks >> > like these? >> > >Well..call the people responsible for the source IP, complain=20 >to them as >well. However, it's important to remember that those are UDP messages, so it is trivial to spoof the source address. They could easily be coming from hundreds of different hosts but all have the same src address set.