On Wed, 18 Jul 2001 12:23:36 -0300 (ADT) Gamble <a629wat_private> wrote: > > This sounds like a DOS attack. By sending you many fragmented packets > the attacker could consume a lot of the memory on your machine. You could > counter this by blocking all IP fragments on your firewall, but that > would also prevent legitimate activities. The attacker is most likly > spoofing the IP addresses which you are seeing, so if it is a DOS, > tracking it down will be difficult. No, the packet rate is far too slow -- in the order of packet per hour. Russell Fulton, Computer and Network Security Officer The University of Auckland, New Zealand ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Jul 18 2001 - 20:54:54 PDT