Syn Flood

• Previous message (by thread): Syn Flood
• Next message (by thread): Lock Down (was Re: Syn Flood)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I had success on several computers catching IRC Bots with SwatIT, which is
free.

http://www.lockdowncorp.com/

Ron

-----Original Message-----
From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu]On Behalf Of
Christopher Bird
Sent: Tuesday, March 25, 2003 8:56 PM
To: nanog at merit.edu
Subject: Syn Flood


I have a problem on a home PC of all things. Every once in a while it bursts
into life and syn floods an IP address on port 80. The IP addresses it
chooses are random and varied. The network counters ratchet up alarmingly
(as viewed in the connections window). I am running winXP Pro on this box.

I have zone alarm, an SMC Barricade firewall, and Norton anti virus.

I don't seem to be able to catch the computer at it, I just have the
evidence after the event. I don't like the anti social behavior that this is
exhibiting and am wondering if the collective wisdom of this group might
have any ideas how to track the issue down.

According to virus checkers, I am clean.

Thanks in advance

Chris Bird
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20030325/2640ae0f/attachment.html>

• Previous message (by thread): Syn Flood
• Next message (by thread): Lock Down (was Re: Syn Flood)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]