
BLU Discuss list archive



icmp flooding, distributed ddos?



On Thu, Sep 04, 2003 at 03:13:48PM -0400, Johannes Ullrich wrote:
> On Thu, 2003-09-04 at 14:41, Jeff Kinz wrote:
> > Anyone seeing signs of a distributed icmp dos?
> 
> maybe you are seeing Nachia/Welchia traffic?

That's it, seems to be mostly from the Welchia, assuming
the 92 byte icmp packets are somewhat unique to Welchia.

Thanks to everyone for the pointer(s).

> 
> hope this is not too 'commercial' for the list. But I will
> be giving a (free) talk about this on the 17th ;-)
> as part of the Boston SANS conference:
> http://www.sans.org/newengland03/special.php

Hey! Want some log files to analyze?  :-) 

-- 
Jeff Kinz, Open-PC, Emergent Research,  Hudson, MA.  jkinz at kinz.org
copyright 2003.  Use is restricted. Any use is an 
acceptance of the offer at http://www.kinz.org/policy.html.
Don't forget to change your password often.



