|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New DoS attack affecting small NAT devices?
> Starting Tuesday night, we started getting complaints from customers in a > specific net block of our network, all of whom were running small > "personal" firewalls (Netgear, linksys etc) about: Someone on that network is scanning/flooding it hard... probably from a hacked box spoofing IP's. Last one I had was a linux boxen with a 'udp.pl' running from a pseudo-root account. As it was not actually making connections, many of the traffic/monitoring tools had a hard time identifying it. We found it using ntop (ntop.org) and the packet stats on the ethernet switches.
|