|
Security Incidents
mailing list archives
RE: odd scans?
From: "Bamm (Robert) Visscher" <rvisscher () saball com>
Date: 28 May 2002 10:21:30 -0500
Mike,
I have seen syn floods of both types (targeting a single port and
targeting all/many ports). I am not sure why an attacker would target
all ports. There may be a way to consume resources of certain OSes in
this manner, it may just be a blatant bandwidth attack, or it could even
be poor execution of a DoS attack (ie broken code).
Bammkkkk
On Fri, 2002-05-24 at 15:51, Scott, Michael R. wrote:
that crossed my mind, but the random source port threw me off. I would
expect most DOS attacks to target a daemon port, unless just a general
bandwidth DOS was the goal. Thoughts?
thanks for the reply, by the way
Mike
--
Bamm (Robert) Visscher
Senior Engineer, Managed Network Security Operations
Ball Aerospace & Technologies Corp.
http://www.ball.com/aerospace/index.html
rvisscher () saball com Desk: 210.734.5070 x107 Mobile: 210.240.5950
Attachment:
signature.asc
Description: This is a digitally signed message part
 By Date 
By Thread
Current thread:
- Re: odd scans?, (continued)
| 
Intro
