Re: DoS Kiddie

From: John Oliver (joliverat_private)
Date: Mon Jun 11 2001 - 12:43:43 PDT

Next message: Justin Shore: "Re: [Fwd: OFF TOPIC: security]"

Previous message: Abel Wisman: "Re: DoS Kiddie"
In reply to: Jonathan C. Hamill: "DoS Kiddie"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

"Jonathan C. Hamill" wrote:
> 
> This is some information I've been compiling on a DoS kiddie from
> irc.dal.net who goes by the handle cpio, these are the events that
> transpired and what happened as a result.  He's been using some hacked
> account's bandwidth to drop down tons of traffic on me from various
> misconfigured hosts which he probably got from netscan.org.  I'm being
> packeted even as I write this but he has yet to take down my connection
> completely, what I'm wondering is if there is anything I can do to make this
> stop, I realize that it's virtually impossible to find out where he's coming
> from as he always uses various shell accounts and bnc's on irc, but from
> previous conversations I know he lives in new jersey.  As it is a Sunday
> there is no one available at my local @Home offices and I can't think of
> anything else to do but wait it out, which as of this writing it's been 6
> hours of continous packeting.  My numerous attempts to get a continual log
> of the attack have
> been thwarted by the volume of traffic which my OpenBSD 2.7 system's kernel
> keeps dropping most of and tcpdump/smurflog can't keep up and both crash
> after a few seconds.  I would appreciate any help anyone can offer me with
> this matter.

@Home isn't going to help you at all.  Guaranteed.  Here's how to fix
the problem:

1) Ask @Home to assign you a new IP address.

2) Change your IRC nick and/or stay away from channels you know this
cpio hangs out in.

3) Try not to piss off script kiddiez in the future.

Sucks, don't it?  But there's literally nothing else you can do.  Well,
there *are* things that could be done, but if they were within your
capabilities (no offense intended), you wouldn't be asking here... you'd
be posting a report of how you dealt with it.

Like Steve Gibson says, there's *nothing* you can do when a 13-year-old
brat with nothing better to do decides to knock you off the 'Net. 
Forget the big stick part... just walk around very, very quietly.

If you insist on provoking this character more in IRC (some people just
*can't leave it alone, and have to try to have the last word), then do
so from a throwaway dialup.  

-- 
John Oliver, System Administrator        http://www.allegiancetele.com
ConnectNet, an Allegiance Telecom company    http://www.connectnet.com
6370 Lusk Blvd. Ste F103                                (858) 638-2020
San Diego, CA. 92121                               FAX: (858) 623-1505

Next message: Justin Shore: "Re: [Fwd: OFF TOPIC: security]"
Previous message: Abel Wisman: "Re: DoS Kiddie"
In reply to: Jonathan C. Hamill: "DoS Kiddie"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jun 11 2001 - 20:45:51 PDT