Re: synchronized pings

2002-10-11 Thread Giacomo Mulas
On -1 xxx -1, P.Ook wrote: Hi all, I've found 'synchronized pings' in my logs from several hosts all around the world. Today they were 11 hosts more or less doing ping to my Debian box at the same time (11 pings in the same second). Sure this is not a DOS attack, almost for my server, but

Re[1]: synchronized pings

2002-10-11 Thread P . Ook
The logs are from a firewall box serving a small student net. I'll investigate if people in this net are using services from 'speedera', as all the IPs seem to belong to that company. Thank you very much for your help. Bye. MA.Varó ---Original message--- From: Andy Coates [EMAIL

Re: log_analysis configuration

2002-10-11 Thread Mathias Palm
On Thu, Oct 10, 2002 at 09:15:12AM -0700, Anne Carasik wrote: Hi Mathias, Hi Anne, I send this one to the list again, I hope this is ok. Actually, it is a good start. The developer sent me a tutorial, and I'm going to help him work on it for the clueless folks like me :)

Re: synchronized pings

2002-10-11 Thread Michelle Konzack
Can you add a Date-Header please ??? I am filtering my around 1700 Mails (Lists) each day and only yours give me permanently Errors !!! Michelle Konzack Systemadministrator P.Ook wrote: Hi all, I've found 'synchronized pings' in my logs from several hosts all around the

Re: Re[1]: synchronized pings

2002-10-11 Thread Michelle Konzack
Can you add a Date-Header please ??? I am filtering my around 1700 Mails (Lists) each day and only yours give me permanently Errors !!! Michelle Konzack Systemadministrator P.Ook wrote: The logs are from a firewall box serving a small student net. I'll investigate if people in

lids kernel options missing?

2002-10-11 Thread Michael West
I am compiling a lids enabled kernel 2.4.18 patched with the lids-2.4 package. I do not see all of the config options I expect. I have no Special authorizations and no Special UPS options. Other patches I am applying are: kernel-patch-2.4-lsm kernel-patch-debianlogo :) Are these options no

Re: Access on Port 0

2002-10-11 Thread Wade Richards
Hi, Notice the PROTO=UDP part of the message. It means that this is a UDP packet, not a TCP packet. UDP is not a socket-based protocol, so the port number is meaningless for UDP packets. The log message includes port 0 because it was easier to do that than to have a different format string for

Re: Access on Port 0

2002-10-11 Thread Wade Richards
Well, that will teach me to trust my faulty memory when answering a question. I was confusing UDP and ICMP (and I'm not entirely sure my answer would have been correct even if we were talking about ICMP). Hopefully someone with more of a clue can answer the original question. --- Wade On

Access on Port 0

2002-10-11 Thread Christian Schuerer-Waldheim
Hello! In my firewall-log I can find several entries like this: 8--- Oct 11 19:25:48 asterix kernel: Dropwall: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:**:**:**:**:**:**:**:** SRC=***.***.***.*** DST=***.***.***.*** LEN=1456 TOS=0x00 PREC=0x00 TTL=110 ID=21266 PROTO=UDP SPT=17060 DPT=0

Re: Access on Port 0

2002-10-11 Thread Ben Pfaff
Wade Richards [EMAIL PROTECTED] writes: Notice the PROTO=UDP part of the message. It means that this is a UDP packet, not a TCP packet. UDP is not a socket-based protocol, so the port number is meaningless for UDP packets. This statement is nonsense. Both TCP and UDP have 16-bit port

RE: synchronized pings

2002-10-11 Thread Boyan Krosnov
How about an nmap decoy scan with initial ICMP ping of the scanned host, does it explain what you saw? Did you check all these addresses if they were up at the moment of the .. er .. attack? BR, Boyan Krosnov, CCIE#8701 http://boyan.ludost.net/ Just another techie speaking for himself
