Date: Sat, 28 Feb 1998 22:01:12 +0200 From: Ruslan Shevchenko <Ruslan@Shevchenko.kiev.ua> To: freebsd-isp@FreeBSD.ORG Subject: DOS attack problem Message-ID: <34F86D07.6787461F@Shevchenko.kiev.ua>
next in thread | raw e-mail | index | archive | help
I was effective attacked by Deny Of Servise attack.
I have 28.8 ppp permanent link on provider, run user-level ppp from
98.01 wih -alias.
During attack, I was have many incoming trafic in modem, but, after I
shutdown
named, sendmail, http ..
tcpdump -i tun0 show me nothing.
(With big traffic in modem).
My provider (Ukrtelecom) now have problems with reorganization, and all
routes there work
in automatic mode, people are absent.
After rebooting Ukrtelecom CISCO by sending large broadcast echo, all
work fine, but at next
random amount of time I have the same situation.
I run
2.2.5-STABLE FreeBSD 2.2.5-STABLE #0: Thu Dec 25 07:30:52 GMT 1997
So, anybody known: is this known attack ?, if yes: is this problem is
fixed in -stable now ?,
if no: how I can to debug situation.
(by monitoring tools or inserting printfs in libpcap source code )
Thanks for help and sorry for poor english.
--
@=
//RSSH mailto:Ruslan@Shevchenko.Kiev.UA
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?34F86D07.6787461F>