RE: ddos attack in progress... help needed
Reporting Security Incidents (PSIRT Advisories) http://www.cisco.com/warp/public/707/sec_incident_response.shtml#Incidents If you are under active security attack or believe that you are about to be attacked, contact the Cisco Technical Assistance Center at +1 408 526 7209 or +1 800 553 2447 or by any of the means listed under "Contact Summary" in this document. SH -----Original Message----- From: Rodney Joffe [mailto:rjoffe@centergate.com] Sent: Friday, May 03, 2002 8:15 PM To: NANOG Subject: ddos attack in progress... help needed Hello folks, We're undergoing a ddos attack on one of our machines. Its quite manageable so far - 28 source IPs, many of them cable modems. But its the first we've ever suffered, and before we get too deep in, I'd appreciate pointers to the appropriate law enforcement parties to contact so we can get to the root eventually. Offline is fine. If there's any value, I'm happy to provide the list. Sustained rate from each machine is around 2mbits per 5 min snapshot. -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"(SM)
(and if you are a UUNET customer be sure to call the customer support numner, report the incident as an attack and ask for an engineer to assist you immediately, help comes faster when you call your provider) --Chris (chris@uu.net) On Fri, 3 May 2002, Hassan, Shehzad wrote:
Reporting Security Incidents (PSIRT Advisories) http://www.cisco.com/warp/public/707/sec_incident_response.shtml#Incidents If you are under active security attack or believe that you are about to be attacked, contact the Cisco Technical Assistance Center at +1 408 526 7209 or +1 800 553 2447 or by any of the means listed under "Contact Summary" in this document.
SH
-----Original Message----- From: Rodney Joffe [mailto:rjoffe@centergate.com] Sent: Friday, May 03, 2002 8:15 PM To: NANOG Subject: ddos attack in progress... help needed
Hello folks,
We're undergoing a ddos attack on one of our machines. Its quite manageable so far - 28 source IPs, many of them cable modems. But its the first we've ever suffered, and before we get too deep in, I'd appreciate pointers to the appropriate law enforcement parties to contact so we can get to the root eventually. Offline is fine.
If there's any value, I'm happy to provide the list. Sustained rate from each machine is around 2mbits per 5 min snapshot. -- Rodney Joffe CenterGate Research Group, LLC. http://www.centergate.com "Technology so advanced, even we don't understand it!"(SM)
participants (2)
-
Christopher L. Morrow
-
Hassan, Shehzad