North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Denial of Service Attack on Panix\
> The draft BCP that people are working on is OK. > > However, much of what I have seen today in my lab, might > be better off discussed in private... I'll say, as most > of you know, SR filtering is useful, but it cannot > stop the attacks. > > Kernel Protection and Recovery Tools are Critical > and Needed in a Hurry. > > Right now, I could use a 'simple command line flush > the queue, close all sockets, release all descriptors' > tool. Comment out the line in /etc/inetd.conf; kill -1 the inetd proc; stop any processes listing on those ports; comment it back in; kill -1 inetd again. If you want to command-line it, move a file with the commented line in and out of /etc/inetd.conf's place. When there's nothing listening on those ports all the sockets, descriptors, queues, pcbs, etc... go away. Is this not what you were thinking of? > If anyone has such a critter, it is one more brick > in the wall. > > Please let me know. via e-mail, thanks. > > Regards, > > Tim Avi - - - - - - - - - - - - - - - - -
|