|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Anton A. Chuvakin (anton_at_chuvakin.org)
Date: Wed Sep 25 2002 - 13:38:30 CDT
James and all,
>Apparently the intruder got rather upset I spoiled his fun and about 15
>minutes after I shut him out, I was a victim of a udp-based DOS attack.
Actually, it wasn't an intruder; the UDP flood you are experiencing is a
consequence of a worm network design. Most likely the worm managed to join
the network before you shut it down and now its peers are trying to access
your machine.
For more info got to http://isc.incidents.org/analysis.html?id=169 and
http://isc.incidents.org/analysis.html?id=167
Best,
--
Anton A. Chuvakin, Ph.D., GCIA
http://www.chuvakin.org
http://www.info-secure.org
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]