OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: TCP connections to port 1024 - DDoS?
From: Abe Getchell (agetchelKDE.STATE.KY.US)
Date: Mon Oct 23 2000 - 09:13:00 CDT


Hey all,
        Has anybody seen some kind of odd DDoS attack in which a number of
zombie machines try and open TCP connections to port 1024 on the target
machine? Saw some of these coming in over the last week and this weekend,
and I wanted to see if this is anything that I should be concerned about.
There hasn't been enough traffic to kill the server or clog any pipes, but
I'm concerned that there could be eventually... or that there's something
else going on here that I'm not aware of! =O

Thanks,
Abe

Abe L. Getchell - Security Engineer
Division of System Support Services
Kentucky Department of Education
Voice 502-564-2020x225
E-mail agetchelkde.state.ky.us
Web http://www.kde.state.ky.us/