[ISN] DoS Attacks on GRC.com

From: InfoSec News (isnat_private)
Date: Thu May 31 2001 - 15:05:23 PDT

  • Next message: InfoSec News: "[ISN] Judge OKs FBI hack of Russian computers"

    I believe you will be as fascinated and concerned as I am by the
    findings of my post-attack forensic analysis, and the results of my
    subsequent infiltration into the networks and technologies being used
    by some of the Internet's most active hackers. 
    What Happened?
    On the evening of May 4th, 2001, GRC.COM suddenly dropped off the
    Stemming the Flood with Our ISP
    Within a minute of the start of the first attack it was clear that we
    were experiencing a "packet flooding" attack of some sort. A quick
    query of our Cisco router showed that both of our two T1 trunk
    interfaces to the Internet were receiving some sort of traffic at
    their maximum 1.54 megabit rate, while our outbound traffic had fallen
    to nearly zero, presumably because valid inbound traffic was no longer
    able to reach our server. We found ourselves in the situation that
    coined the term: Our site's users were being denied our services.  
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Fri Jun 01 2001 - 02:57:12 PDT