[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] [UPDATE] ping floods
- To: <full-disclosure@lists.netsys.com>
- Subject: RE: [Full-Disclosure] [UPDATE] ping floods
- From: "Dolinar, Jon" <Jon.Dolinar@tri-c.edu>
- Date: Mon, 18 Aug 2003 11:12:52 -0400
We are currently seeing in our firewall logs excessive ICMP type 8
request followed by probes on TCP port 135 coming from multiple sites
throughout the internet. Early this caused a DOS on our ISP's router
ahead of our firewall.
Jon Dolinar
Network Security Supervisor
Cuyahoga Community College
Jon.dolinar@tri-c.edu
216.987.4354
-----Original Message-----
From: Abraham, Antony (Cognizant) [mailto:Antony@blr.cognizant.com]
Sent: Monday, August 18, 2003 10:18 AM
To: B3r3n@argosnet.com; full-disclosure@lists.netsys.com
Cc: Frank.Ederveen@canon-europe.com
Subject: RE: [Full-Disclosure] [UPDATE] ping floods
Hi,
We do have the same problem. Incidents.org has recorded the same
(http://isc.incidents.org/) but not much detail available.
Thanks,
Antony Abraham
-----Original Message-----
From: B3r3n@argosnet.com [mailto:B3r3n@argosnet.com]
Sent: Monday, August 18, 2003 6:59 PM
To: full-disclosure@lists.netsys.com
Cc: Frank.Ederveen@canon-europe.com
Subject: [Full-Disclosure] [UPDATE] ping floods
Frank,
Yes, exactly, our ICMP requests are also detected as Cyber kit 2.2
Seems we share the same problem.
Some others too?
Brgrds
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html