I know the holidays are still upon us, but if anyone from attbi.com is
listening who can deal with a security matter I would appreciate an email.
Or indeed if anyone has contact with such a person.
A little more detail, this regards a user who may be about to start a
large scale DDoS on an popula
On Wed, 1 Jan 2003, Avleen Vig wrote:
> Tracing back an IP from bind logs to see which name servers looked up an
> attacked address immediately before the attack started. This at leads to
> the offender's ISP which is a good start.
Relatively few people restrict the use of their name servers to o
> I am not getting through to speed.planet.nl in English, can anyone give
> me
> a decent translation of in Dutch (The Netherlands):
>
> "Here are our logs, indicating your host is attempting to access
> formmail on our web servers. We have been seeing at least 1,000 attempts
> a day
> for weeks
AV> Date: Wed, 1 Jan 2003 19:30:00 -0800 (PST)
AV> From: Avleen Vig
AV> Tracing back an IP from bind logs to see which name servers
AV> looked up an attacked address immediately before the attack
AV> started. This at leads to the offender's ISP which is a good
AV> start.
1) compromised hosts f
On Mon, 30 Dec 2002, Chris Wedgwood wrote:
> maybe this could help find the attacking nwtwork? assuming people are
> using local DNS servers?
> under attack you could sporadically 'lie' about the result... and log
> to whom you lied to... all the time looking for changes in the DDoS
> target
> a
I am not getting through to speed.planet.nl in English, can anyone give
me
a decent translation of in Dutch (The Netherlands):
"Here are our logs, indicating your host is attempting to access
formmail on our web servers. We have been seeing at least 1,000 attempts
a day
for weeks from this host.