Hi, After currently reviewing firewall logs from ISA server I have come across a period of where the box was hit with an aprox. average of 3 - 4 packets per 5 minute period for 8 hours. After looking up information from dshield.org http://isc.incidents.org/port_details.html?port=0 I have found that these packets can cause DoS on certain devices and OS'. The effect of the packets had no effect on the box itself but the packets were originating from 2 different hosts so I would assume this will fall in the category of DDoS? I first noticed these packets in the logs on the 21st from 11:20 GMT to 22nd 7:20 GMT and they have just started again (22nd 17:40 GMT) and are continuing. Has anyone else received such packets? Or know if there is a Trojan/worm that these packets are sent from? Thanks for your help Stu --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Wed Jul 23 2003 - 09:48:58 PDT