I just thought I would let everyone else know about this We have been receiving, over the past 2 days UDP DoS against our network, though I have had this blocked upstream, and now the x.x.x.28 is now null routed, it has not stopped with the UDPs actually the upstream has found more sources now since then. Anyways, the current stats from the section of the logs that I have, give me > 205000 packets between 15:56 and 18:40, though this has continued since then, so it's probably in the millions by now or worse. Feb 17 15:56:14 216.18.48.122 42: %SEC-6-IPACCESSLOGP: list e-inbound denied udp 194.47.153.20(1249) -> x.x.x.28(113), 122 packets -- Jason Robertson Now at the Nation Research Council. ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Mon Feb 18 2002 - 23:57:27 PST