6 Feb
2004
6 Feb
'04
8:55 p.m.
You probably want to make a list of vulnerable hosts that fall to exploits like this: http://server-ip-here/scripts/../../winnt/system32/ping.exe Most DDoS zombies will use spoofed IP packets to attack its victim, so filtering the source will not relief your pain. Rubens ----- Original Message ----- From: Drew Weaver To: nanog@merit.edu Sent: Friday, February 06, 2004 7:15 PM Subject: Monumentous task of making a list of all DDoS Zombies. Is there a list maintained anywhere of all hosts that have been identified as a DDoS zombie? Or attack box? We got hit with an attack from more than 60 IPs last night and I'd like to add them to any list that anyone has started. Thanks, -Drew