Fwd: Re: Digital Island sponsors DoS attempt?
Jonas Luster
jluster at d-fensive.com
Fri Oct 26 07:06:09 UTC 2001
* Joe Abley sez:
> On Thu, Oct 25, 2001 at 05:37:16PM -0700, Christopher J. Wolff wrote:
> > Unfortunately, in this case I am not a customer of Digital Island in any
> > way, nor have I given them authorization to hammer my network 441 times (and
> > counting) in the last two hours.
>
> 441 echo requests in two hours?
>
> That doesn't sound like a very big hammer :)
It is also way more than necessary to gather any kind of statistics or
improve any kind of routing. 441/120 == one every 20 seconds. I cannot
possibly imagine any circumstances in which this amount of "testing" is
necessary if the remote end is some site outside the influence of
Digital Island. Was the testing end 100 percent positive not to hit some
dial up line it's keeping artificially up? Also, a generated
IDS/Firewall log would imply some kind of blocking of those requests -
if I don't get a reply at the first five tries why do I keep up probing
the IP? And IF there was a reply - what about this test is so important
that it has to be repeated in 20 second intervals?
jonas
--
Jonas M. Luster -- jluster at d-fensive.com -- +1 408 768 4148
1024D/8B06BE75 -- 0E0A 8672 78B5 DB9F A911 1C04 2E20 4C9B 8B06 BE75
http://www.d-fensive.com (work) -- http://www.baysec.org/~jluster/ (play)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20011026/ca0f3826/attachment.sig>
More information about the NANOG
mailing list