> PS. Since this is a networking list, any chance you'd care to explain the
> 20 packets of death that can screw up DNS? Does this imply crashing bind,
> or does it do something else? If there anyway a public DNS server can
> defend against it, etc.
Take a lan. All the machines on it depend on an external DNS server typically.
If so you fake portscans from their primary/secondary DNS server to each client
The clients all firewall the DNS servers.
> PPS. What's better: losing your access, or having a kiddy break into you
> computer and use it as a launch pad for hack attempts that cause your ISP
> to yank your access or worse...
The kiddiez are using good stealth scanners nowdays - the ones with up
to date tools. They do port/host not host/port ordered scans. That is you'll
see
x.x.x.1 80 x.x.x.2 80 -> etc
then maybe an hour later
x.x.x.1 81
Some of them also randomise the host order too. It is getting really hard
to spot scans because of this kind of stuff.
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
