Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Security Incidents: Re: IGMP DOS Attack

Re: IGMP DOS Attack

From: Justin Shore <macdaddy_at_neo.pittstate.edu>
Date: Thu, 11 Apr 2002 10:45:56 -0500

On 4/11/02 5:45 AM D.Stout_at_EU.HNS.COM said...

> Has anybody else had an IGMP DoS attack starting at 5:23 CET ?
> Does anybody know what causes this ?
> What are the implications of this (other than pure bandwidth
>consumption)
>
> I will continue to search for info, but please help me if you know what
>this is.

While you might be using multicast on your LAN, are you actually wanting
to use that over your WAN link? Does you upstream support it? _Very_
few do. If you're not wanting mcast in or out of your WAN link, block
it.

Justin 

--
Justin Shore, ES-SS ES-SSR      Pittsburg State University
Network & Systems Manager       Kelce 157Q
Office of Information Systems   Pittsburg, KS 66762
Voice: (620) 235-4606           Fax: (620) 235-4545
http://www.pittstate.edu/ois/
Warning:  This message has been quadruple Rot13'ed for your protection.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Received on Apr 11 2002
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos