|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Denial of Service Attack on Panix
Paul A Vixie writes: >If Cisco routers had TCPDUMP capability this would be a lot simpler. If >all the routers in the universe had TCPDUMP, and all the router operators >had eachother's phone numbers, we could track this to the source in less >than five minutes. Alas, the misfit teenagers of the underworld have >caught us without any of the tools we need be able to track this down. The attacks will show up in Cisco netflow switching exports though. ftp://ftp.net.ohio-state.edu/users/maf/priv/flow.tar is the start of a toolkit. -- mark - - - - - - - - - - - - - - - - -
|