[AusNOG] DDoS Attacks - Painful and Persistent.
Roland Dobbins
rdobbins at arbor.net
Mon Aug 10 17:58:05 EST 2009
On Aug 10, 2009, at 2:51 PM, Craig Meyers wrote:
> The 8k packets didn't make it unscathed - all the packets were
> segmented
> to 1500 max. Hence why there weren't port details on all lines.
doh, gotcha! Minimal tcpdump output.
;>
> That's the university I was thinking of.
I've seen NFS used before to mount filesystems of cracked hosts used
as dropboxes, sharing content/warez, etc. - it would be interesting to
see the packet payload.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Unfortunately, inefficiency scales really well.
-- Kevin Lawton
More information about the AusNOG
mailing list