NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Incidents> 2001-01

From: Bjorn Djupvik (Bjorn.DjupvikGLOBALONE.NET)
Date: Mon Jan 08 2001 - 01:55:17 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi. I recently received these messages in a syslog (on the machine "somebox"). It's obviously some kind of DoS, but I`m
trying to figure out what kind. The syslog port was open so I`m guessing this is some kind of UDP flood to random ports,
thereby hitting the syslog port. Comments?

Cheers
Bjorn

-----------------------------------------------------------------------------
Jan 8 02:58:59 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 02:58:59 somebox kernel: resetting ledma
Jan 8 02:59:10 cs2756-148.austin.rr.com
!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)
Jan 8 03:00:35 24.130.172.19

Jan 8 03:00:24 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:00:24 somebox kernel: resetting ledma
Jan 8 03:01:04 cc849766-a.taylor1.mi.home.com
!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:00:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:01:54 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:01:54 somebox kernel: resetting ledma
Jan 8 03:02:19 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:02:19 somebox kernel: resetting ledma
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:22 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:59 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:02:59 somebox kernel: resetting ledma
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:02:59 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:03:50 nic-25-c108-026.mn.mediaone.net
!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)&!^&!*&!%&!%!#%!^)
Jan 8 03:07:24 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:07:24 somebox kernel: resetting ledma
Jan 8 03:07:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:07:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:07:24 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:07:24 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:07:25 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:07:28 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:08:19 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:08:19 somebox kernel: resetting ledma
Jan 8 03:08:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:08:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:08:19 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:08:19 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:14:29 somebox kernel: eth0: transmit timed out, status 007b, reset
Jan 8 03:14:29 somebox kernel: resetting ledma
Jan 8 03:14:29 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:14:29 somebox kernel: eth0: Carrier Lost, trying TPE
Jan 8 03:14:29 somebox kernel: eth0: Carrier Lost, trying AUI
Jan 8 03:14:30 somebox kernel: eth0: Carrier Lost, trying TPE

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]