'Help in flood'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       incidents
Subject:    Help in flood
From:       Mauro Marazzi <mauro.marazzi () netsystem ! com>
Date:       2003-09-29 15:43:15
[Download RAW message or body]



Hello .
We have had a flood described below on a red hat 7.3 system with bind 9 (is a Dns \
server). Bandwidth consumption about 30Mbps. What kind of attack is? And how to \
prevent it?

Regards,

Mauro Marazzi

11:25:00.017182 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017185 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017186 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017187 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017202 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017216 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017218 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017231 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017233 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017247 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017262 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017263 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017277 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017278 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017292 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017307 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
                [13879a] [13365q] [14393n] [16706au][|domain] (DF)
11:25:00.017308 66.185.161.58.54407 > 212.31.242.100.53:  12337 op6$ [b2&3=0x3233] \
[13879a] [13365q] [14393n] [16706au][|domain] (DF)

---------------------------------------------------------------------------
----------------------------------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic