From owner-freebsd-isp  Tue Mar 28 18:41:33 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from enya.clari.net.au (enya.clari.net.au [203.8.14.116])
	by hub.freebsd.org (Postfix) with ESMTP id 8547A37BF30
	for <freebsd-isp@freebsd.org>; Tue, 28 Mar 2000 18:41:27 -0800 (PST)
	(envelope-from danny@freebsd.org)
Received: from localhost (danny@localhost)
	by enya.clari.net.au (8.9.2/8.9.1) with ESMTP id MAA24883
	for <freebsd-isp@freebsd.org>; Wed, 29 Mar 2000 12:41:22 +1000 (EST)
	(envelope-from danny@freebsd.org)
X-Authentication-Warning: enya.clari.net.au: danny owned process doing -bs
Date: Wed, 29 Mar 2000 12:41:22 +1000 (EST)
From: "Daniel O'Callaghan" <danny@freebsd.org>
X-Sender: danny@enya.clari.net.au
To: freebsd-isp@freebsd.org
Subject: DoS attacks
Message-ID: <Pine.BSF.4.10.10003291232030.24830-100000@enya.clari.net.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


Does anyone know a URL for technical info on the recent DoS on Yahoo! etc.
The reports I've found all refer to "floods of packets", but don't say
whether they were TCP SYN or SYN/ACK or what.

GlobalCenter, who look after the Yahoo! facilities managed to do something
to quell the attack, but it took them a few hours. Anyone know what they
did?  I use GlobalCenter Melbourne, myself, so I'll ask the techs there if
they can find out, too.

Can anyone share the steps they have taken to limit the effect of these
attacks on their own facilities.

Thanks,

Danny



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message