8 Sep
2003
8 Sep
'03
4:52 p.m.
Christopher J. Wolff wrote:
After tracking down what I believed was an attempted DOS attack, it turns out that two Windows 2000 servers, fully updated, were spewing out hundreds of port 53 requests. Upon further investigation dns.exe was hogging 99% of the CPU.
I haven't found any reference to this at CERT so I thought I would drop the occurrence into the nanog funnel to see what comes out. The attack started around 8AM MST. Thank you for your consideration.
I wonder if this is the tool used to attack Spamhaus, SPEWS and SORBS. Do you know what the requests were for?