[AusNOG] DDoS Attacks - Painful and Persistent.

Roland Dobbins rdobbins at arbor.net
Mon Aug 10 17:58:05 EST 2009


On Aug 10, 2009, at 2:51 PM, Craig Meyers wrote:

> The 8k packets didn't make it unscathed - all the packets were  
> segmented
> to 1500 max. Hence why there weren't port details on all lines.

doh, gotcha!  Minimal tcpdump output.

;>

> That's the university I was thinking of.

I've seen NFS used before to mount filesystems of cracked hosts used  
as dropboxes, sharing content/warez, etc. - it would be interesting to  
see the packet payload.

-----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>

         Unfortunately, inefficiency scales really well.

		   -- Kevin Lawton




More information about the AusNOG mailing list