New Denial of Service Attack on Panix
Mark A. Fullmer
maf at net.ohio-state.edu
Tue Sep 17 03:29:54 UTC 1996
Paul A Vixie writes:
>If Cisco routers had TCPDUMP capability this would be a lot simpler. If
>all the routers in the universe had TCPDUMP, and all the router operators
>had eachother's phone numbers, we could track this to the source in less
>than five minutes. Alas, the misfit teenagers of the underworld have
>caught us without any of the tools we need be able to track this down.
The attacks will show up in Cisco netflow switching exports though.
ftp://ftp.net.ohio-state.edu/users/maf/priv/flow.tar is the start
of a toolkit.
--
mark
More information about the NANOG
mailing list