mailing list archives
Re: How much longer..
From: Matthew Sullivan <matthew () sorbs net>
Date: Thu, 14 Aug 2003 07:46:09 +1000
Len Rose wrote:
How much longer will people put up with the millions of
dollars of losses in time, resources and service inflicted
on the net by the joke vulnerabilities in the toy operating
system known as Windows? Enough is Enough.
Sure, let's just filter everything..all service providers
please become M$'s virtual firewall now please.
Haven't you windows lamers learned anything yet?
You could of course just filter spoofed traffic, which would then stop a
lot of the DDoS attack that I'm suffering with.
For the second time in 2 weeks, 2 of my IPs have been null routed at the
USA -> Australia International links because of a massive DDoS attack.
If anyone is seeing traffic directed at: 220.127.116.11 18.104.22.168 or
22.214.171.124 and 126.96.36.199 (the latter 2 not being my hosts but
seeing DDoS traffic as well) you might be well advise to
shutdown/disconnect the machines as they are likely hacked and/or trojaned.
Last attack was a mixture of SYN flood (which has virtually no effect
here), 1k packets UDP send at a high volume from distributed machines
all aimed at ports arounf 1024. ICMP echo floods, and bogus DNS
requests from hosts with the IP: 'x.x.0.0'
Obviously some of the floods are not using sppoofed addresses, but I am
really at a loss to see why I see _any_ spoofed traffic, I would have
expected ISPs out there to be filtering traffic not from their networks
by default nowadays. I must just be nieve.
RE: How much longer.. Ejay Hire (Aug 13)
RE: How much longer.. Dan Lockwood (Aug 13)
RE: How much longer.. Fred Baker (Aug 13)