From owner-freebsd-security@FreeBSD.ORG Wed Apr 6 17:08:57 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E626B16A4CE for ; Wed, 6 Apr 2005 17:08:57 +0000 (GMT) Received: from resmo.com (resmo.com [204.202.11.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id B7D2B43D31 for ; Wed, 6 Apr 2005 17:08:57 +0000 (GMT) (envelope-from gstewart@spamcop.net) X-Resmo-Authenticated-User: [] X-Resmo-Msg-Submitted-By: mail.bonivet.net [81.56.185.133] Received: from dragonfly.bonivet.net (mail.bonivet.net [81.56.185.133]) by resmo.com (8.13.1/8.12.11) with ESMTP id j36H8uH3044656 for ; Wed, 6 Apr 2005 17:08:56 GMT Received: from dragonfly.bonivet.net (localhost.bonivet.net [127.0.0.1]) by dragonfly.bonivet.net (8.13.3/8.13.1) with SMTP id j36H8nRv040076 for ; Wed, 6 Apr 2005 19:08:50 +0200 (CEST) (envelope-from gstewart@spamcop.net) Date: Wed, 6 Apr 2005 19:08:49 +0200 From: Godwin Stewart To: freebsd-security@freebsd.org Message-Id: <20050406190849.29f14168.gstewart@spamcop.net> In-Reply-To: <20050406162811.GQ1019@therub.org> References: <200504061549.j36Fn8Y5082507@dc.cis.okstate.edu> <20050406162811.GQ1019@therub.org> X-Mailer: Sylpheed version 1.9.7 (GTK+ 2.6.4; i386-unknown-freebsd5.4) X-Face: #T;eJks=B[`71qrwp`l6BW8xI&hP8S*4Kd%e?8o"rL02ZYf"rWa41l83a)L,*; S).Ukq$U% II{-z#5%i&X8"%{$)ZWmE7WBDF)?wK1^7]u9T;@jqdZo?IT!d-L`!@&vW)F_1 X-GnuPG-Key: http://www.bonivet.net/gpg/pubkey.txt Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Subject: Re: What is this Very Stupid DOS Attack Script? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Apr 2005 17:08:58 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 6 Apr 2005 11:28:11 -0500, Dan Rue wrote: > In my experience, these are just script kiddies goofing around. The > only useful thing to do is to report them to abuse@ their ISP - this can > actually be effective in some cases. >=20 > $ whois 67.19.58.170 > OrgName: ThePlanet.com Internet Services, Inc. But definitely *not* in the case of theplanet.com. http://tinyurl.com/6sebk (expands to a search on theplanet.com in the news.admin.net-abuse.sightings newsgroup) Drawing conclusions from the evidence provided is left as an exercise for the reader. - --=20 G. Stewart - gstewart@spamcop.net Your fault: core dumped -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFCVBehK5oiGLo9AcYRAk59AKDF4UmhASqBsNKtNcRSyrDWI8Vh+gCgkrEa xD2aKKc3l6xYR43zR4yUi7Y=3D =3DgKry -----END PGP SIGNATURE-----