New Denial of Service Attack on Panix
Leonid Egoshin
egoshin at genesyslab.com
Tue Sep 17 19:45:19 UTC 1996
From my expirience:
There is one (not very complex) additional way to determine
the real source of attack - DNS. If you configure DNS servers
(you and secondaries also) to write log of requests and after
that change your server IP address, you can fix the time
then attacker change address to new. Manual analize of logs
can very limit the number of potential attackers - look at the time
of requests.
- Leonid Yegoshin, LY22
More information about the NANOG
mailing list