|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: new variation on synflood? NOT
From: John Comeau (jcomeau
DIALTONEINTERNET.NET)Date: Fri Aug 04 2000 - 06:49:57 CDT
- Next message: Blue Panda: "FTP Serv-U 2.5e vulnerability."
- Previous message: Roman Drahtmueller: "SuSE Security: miscellaneous"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Thanks very much to everyone for the many undeserved thoughtful replies after
my careless post. What we were seeing was simply very large-scale synfloods
(DS3 or greater both times I was involved). The 'garbage' to which I alluded
was simply an artifact of tcpdump on the libpcap version of tcpdump. The
command used was:
tcpdump -s 1000 -x -n
Of course, 2000 will show 2000 bytes; the larger you make it, the more it will
show you! This will NOT happen with the older tcpdump.
Apparently I'm in good company, several others have been bitten by the same
bug recently. I guess it's a good thing it got aired publicly, even if I have
to wear the dunce cap for a few days.
-- John Comeau - Chief Technology Officer Dialtone Internet - Extremely Fast Web Systems 954-581-0097 fax://954-581-7629 jcomeau
- Next message: Blue Panda: "FTP Serv-U 2.5e vulnerability."
- Previous message: Roman Drahtmueller: "SuSE Security: miscellaneous"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]