Anyone seen a rash of UDP port 80 packet floods lately? We found a huge flood of packets from an address in Taiwan flooding into a customer's IP on our LAN yesterday, which pushed traffic counts off the charts. Any idea what might be at the heart of this? -- Vice President of N2Net, a New Age Consulting Service, Inc. Company http://www.n2net.net Where everything clicks into place! KP-216-121-ST
On Tue, 8 Feb 2005, Greg Boehnlein wrote:
Anyone seen a rash of UDP port 80 packet floods lately? We found a huge flood of packets from an address in Taiwan flooding into a customer's IP on our LAN yesterday, which pushed traffic counts off the charts. Any idea what might be at the heart of this?
made 'famous' around may-day 2001... Chinese vs US 'hackers', the chinese folks got quite a letter writing campaign going, had all their friends download a 'network testing tool' from foundstone (I think) a little windows app that would allow you to put in: port protocol size (perhaps time) and flood away! :) It was 'great' because you could figure the problem out quickly and filter/rate-limit udp/80 traffic :) Today I imagine it's probably some purpose built code to just pummel out udp traffic, but this is far from 'new' :(
participants (2)
-
Christopher L. Morrow -
Greg Boehnlein