OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: 8 hours of pinging
From: Ed Padin (epadinWAGWEB.COM)
Date: Tue Mar 28 2000 - 17:09:56 CST

I have a client that's looking to block access to napster. Is there a way to
find out all the IP addresses that the napster server uses? I know that a
simple packet snatch can answer that but I want to make sure I get the whole
range of addresses and was hoping that someone already had the information.

>-----Original Message-----
>From: Foley, Michael P [mailto:michael_p_foleyGROTON.PFIZER.COM]
>Sent: Wednesday, March 22, 2000 2:26 PM
>To: INCIDENTSSECURITYFOCUS.COM
>Subject: 8 hours of pinging

SNOP

>98ABE1CC.ipt.aol.com
>I have seen this happen with Napster running on my machine.
>Below is a copy
>of a log entry (Captured by BlackIce) while running Napster.
>
>Mar 12 2000 | 18:24:13 | Echo reply without request | 171.209.28.47 |
>MARKCUNN
>
>A full list of the log file can be seen at
>http://www.members.home.com/tragic101/icelog/log.html
>this list is updated in realtime as attacks occur.
>
>-mike
>
>
>On 20 Mar 2000, at 9:20, Jim Lindstrom wrote:
>
>> I have a machine on the Home network whose logs I monitor in
>> real-time. Last night from 12:40am to about 8:35am (central
>standard us
>> time), the machine was continously pinged, at a rate of 5 to 10 times
>> per minute, from machines all over the world. I don't think this was
>> intended as a DDoS, due to the low rate of firings, but what
>else could
>> this have been?