Subject: Re: Networking theories
From: Helmethead (hoshemMEL.COMCEN.COM.AU)
Date: Sun May 07 2000 - 22:48:25 CDT


On Mon, May 08, 2000 at 11:58:59AM +1000, Aussie wrote:
> Just as a thought, if such a DoS was so difficult, why would I be
> logging lots of ICMP Type 3 packets at my firewall from IPs that have
> not been connected to? The most recent one (involving approx 200
> packets over a few seconds) was supposedly from 10.240.x.x, not even
> available on my internal network. Quite obviously these packets are
> spoofed, but if there is no real way to D0S a system with them, why
> would someone spoof them?
> Unfortunately, using Windows 9x, I am unable to give you tcp dumps of
> the packets....if anyone knows of a program to do this, please let me
> know.

ICMP type 3 is destination unreachable; they probably come from click nukes.
IRC lewsers often use them to kick off other IRC lewsers.

>
> Aussie
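
For readers triaging the kind of unsolicited ICMP type 3 traffic discussed in this thread, the following is an added example and not part of the original messages. It parses a raw IPv4 ICMP destination-unreachable packet, extracts the quoted header of the datagram it claims was undeliverable, and checks it against the host's open connections. The function names, the connection table and all addresses other than the 10.240 prefix are constructed for illustration, and it assumes the packet was captured on the Internet-facing interface.

```python
import ipaddress
import struct

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_unreachable(pkt):
    """Return details of an IPv4 ICMP type 3 packet, or None if it is not one."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4
    if ihl < 20 or pkt[9] != 1 or len(pkt) < ihl + 8 or pkt[ihl] != 3:
        return None
    quoted = pkt[ihl + 8:]          # header of the datagram reported undeliverable
    q_ihl = (quoted[0] & 0x0F) * 4 if quoted else 0
    # Ports are only meaningful when the quoted datagram is TCP (6) or UDP (17).
    if q_ihl < 20 or len(quoted) < q_ihl + 4 or quoted[9] not in (6, 17):
        return None
    sport, dport = struct.unpack("!HH", quoted[q_ihl:q_ihl + 4])
    addr = lambda b: str(ipaddress.IPv4Address(b))
    return {"sender": addr(pkt[12:16]), "code": pkt[ihl + 1],
            "flow": (addr(quoted[12:16]), sport, addr(quoted[16:20]), dport)}

def review(pkt, active_flows):
    """List reasons to distrust an ICMP unreachable seen on the external interface."""
    info = parse_unreachable(pkt)
    if info is None:
        return ["not a parsable ICMP type 3 packet"]
    reasons = []
    if any(ipaddress.ip_address(info["sender"]) in net for net in RFC1918):
        reasons.append("sender is RFC 1918 space")
    if info["flow"] not in active_flows:
        reasons.append("quotes a flow this host never opened")
    return reasons

def build_sample(sender, flow, code=1):
    """Build an in-memory test packet (checksums left at zero; the parser ignores them)."""
    src, sport, dst, dport = flow
    def ip_hdr(proto, s, d, length):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, length, 0, 0, 64, proto, 0,
                           ipaddress.IPv4Address(s).packed, ipaddress.IPv4Address(d).packed)
    quoted = ip_hdr(6, src, dst, 40) + struct.pack("!HHI", sport, dport, 0)
    icmp = struct.pack("!BBHI", 3, code, 0, 0) + quoted
    return ip_hdr(1, sender, src, 20 + len(icmp)) + icmp

# Constructed sample data: one open IRC connection and two inbound packets.
ACTIVE = {("192.0.2.10", 1042, "198.51.100.7", 6667)}
SPOOFED = build_sample("10.240.0.5", ("192.0.2.10", 4000, "203.0.113.9", 80))
MATCHING = build_sample("198.51.100.7", ("192.0.2.10", 1042, "198.51.100.7", 6667))

if __name__ == "__main__":
    for name, pkt in (("spoofed", SPOOFED), ("matching", MATCHING)):
        print(name, review(pkt, ACTIVE) or "consistent with an open connection")
```

An empty result only means the packet is consistent with an open connection, not that the sender is genuine, since the outer source address is not authenticated.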