On Tue, 8 Feb 2005, Greg Boehnlein wrote:
Anyone seen a rash of UDP port 80 packet floods lately? We found a huge flood of packets from an address in Taiwan flooding into a customer's IP on our LAN yesterday, which pushed traffic counts off the charts. Any idea what might be at the heart of this?
made 'famous' around may-day 2001... Chinese vs US 'hackers', the chinese folks got quite a letter writing campaign going, had all their friends download a 'network testing tool' from foundstone (I think) a little windows app that would allow you to put in: port protocol size (perhaps time) and flood away! :) It was 'great' because you could figure the problem out quickly and filter/rate-limit udp/80 traffic :) Today I imagine it's probably some purpose built code to just pummel out udp traffic, but this is far from 'new' :(