Re: Help in flood

From: Guido Bolognesi [ Zen ] (zenkill-9.it)
Date: Wed Oct 01 2003 - 07:24:35 CDT


On Mon, Sep 29, 2003 at 03:43:15PM -0000, Mauro Marazzi wrote:
> We have had a flood, described below, on a Red Hat 7.3 system with BIND 9 (it is a DNS server). Bandwidth consumption about 30Mbps. What kind of attack is it? And how to prevent it?

        While I can't comment on the type of attack, I suggest you
        contact your upstream provider[1] to get the traffic filtered, if
        it's coming from a single or a small number of hosts.
        If it's distributed/spoofed things can get really bad.

        In the meantime, you can try to contact the provider on the
        other side directly, asking them to verify and, if that's the
        case, filter the traffic on their side.

[1] Colt Telecom, it seems.

ciao,
--
My home isn't cluttered; it's "passage restrictive."
zenkill-9.it . Geek . And proud of it .
http://www.kill-9.it/jargon/html/entry/zen.html
