From owner-freebsd-security Tue Apr 21 21:20:03 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA07637 for freebsd-security-outgoing; Tue, 21 Apr 1998 21:20:03 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from asteroid.svib.ru (root@asteroid.svib.ru [195.151.166.145]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA07554 for ; Wed, 22 Apr 1998 04:19:55 GMT (envelope-from tarkhil@asteroid.svib.ru) Received: from minas-tirith.pol.ru (shuttle.svib.ru [195.151.166.144]) by asteroid.svib.ru (8.8.8/8.8.8) with ESMTP id IAA15466; Wed, 22 Apr 1998 08:19:47 +0400 (MSD) (envelope-from tarkhil@asteroid.svib.ru) Received: from minas-tirith.pol.ru (minas-tirith.pol.ru [127.0.0.1]) by minas-tirith.pol.ru (8.8.8/8.8.7) with ESMTP id IAA07040; Wed, 22 Apr 1998 08:19:51 +0400 (MSD) (envelope-from tarkhil@minas-tirith.pol.ru) Message-Id: <199804220419.IAA07040@minas-tirith.pol.ru> X-Mailer: exmh version 2.0.1 12/23/97 To: rotel@indigo.ie cc: "Alexander B. Povolotsky" , freebsd-security@FreeBSD.ORG Subject: Re: New DoS attack? In-reply-to: Your message "Tue, 21 Apr 1998 12:32:02 -0000." <199804211132.MAA00823@indigo.ie> Reply-To: tarkhil@asteroid.svib.ru Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Wed, 22 Apr 1998 08:19:49 +0400 From: Alex Povolotsky Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk <199804211132.MAA00823@indigo.ie>Niall Smart writes: >On Apr 21, 9:33am, "Alexander B. Povolotsky" wrote: >} Subject: New DoS attack? >> Strangely, I've posted this message TWICE, but still don't see it... > >This is the first time I've seen it. Is the other address subscribed >to security@freebsd.org or freebsd-security@freebsd.org? I was sending it from address, SUBSCRIBED to freebsd-security, and it seemed that hub.freebsd.org received it. Now, I've resend it from my reserve login, which is not subscribed to any mailing list. I'm getting paranoid about ir... >Could you (anyone?) dump all packets coming from/going to port 0 using tcpdump >and send me any logs? I'm not sure if this means you'll have to turn off the >ipfw rule, I don't know at what stage the packets get filtered. I'm not receiving such packets anymore... Alex. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message