the attack continues..

• Previous message (by thread): 1st CFP: 1st Workshop LMPCNAP in ICNS 2009 | April 21-25, 2009 - Valencia, Spain
• Next message (by thread): the attack continues..
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello Lists,

    I'm still getting attacked and most of the IP's i got have been
reported. and just this morning it looks as if someone is testing my
network. and sending out short TCP_SESSION requests. now i may be
paranoid but this past few days have been hell.. just want to know if
the folks from these ip's can help me out.

Attacker IP,Attacker Port,Victim IP,Victim Port,Attack Type,Start
Time,Extra Info
205.188.116.7,47198,200.0.179.73,80,TCP_SESSION,2008-10-18
14:20:48,Filtered IP: Dropped packets: 3 Dropped bytes: 156
205.188.117.134,45379,200.0.179.73,80,TCP_SESSION,2008-10-18
14:20:48,Filtered IP: Dropped packets: 0 Dropped bytes: 0
205.188.117.137,42257,200.0.179.73,80,TCP_SESSION,2008-10-18
14:20:48,Filtered IP: Dropped packets: 0 Dropped bytes: 0
75.105.128.38,4092,200.0.179.73,80,TCP_SESSION,2008-10-18
14:20:48,Filtered IP: Dropped packets: 0 Dropped bytes: 0

First 3 IP's come from AOL, I'll try to see if I can get their attention.

Last IP is from a Wildblue Communications WBC-39.

I wanted to see if it's possible to get a sample of the "bots" that
their using against me. I know... it's a long shot but any help will
be greatly appreciated.




thanks,
John Lopez

• Previous message (by thread): 1st CFP: 1st Workshop LMPCNAP in ICNS 2009 | April 21-25, 2009 - Valencia, Spain
• Next message (by thread): the attack continues..
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]