On Fri, 21 May 2004 19:19:46 -, Richard Cox <[EMAIL PROTECTED]> said:
> While there are obvious difficulties with Russian (and neighbouring
> country) ISPs, for the rest of Europe any such misconduct gets fast
> action - as witness the speed with which Law Enforcement moved over
> the Sasser w
On 21 May 2004 18:11 UTC Scott Weeks <[EMAIL PROTECTED]> wrote:
| How much more of my time do you think it'd take to convince
| international authorities that some kid who ran LC4 from Europe,
| got a password and put something from
| http://www.packetstormsecurity.org/DoS/index.html on one of th
: the best thing is if you call the FBI, or NIPC. if you call your local FBI
: field office and say you're experiencing a cyberattack and could they give
: you the number for NIPC then it'll probably produce the results you want,
: even if NIPC has been renamed one or more times since i last tal
specifically slides 86-92 and 105-127.
-Hank
On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent wrote:
>
> I've been trying to find out what the current BCP is for handling ddos
> attacks. Mostly what I find is material about how to be a good
> net.citizen (we already are), how to
> Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers
> from 66.165.10.24. Where do we start, do I call the police in Bellingham or
> Washington State Police. We have blocked their ips but, we know they will
> come in another way.
the best thing is if you call the FBI, or
On May 20, 2004, at 8:10 PM, Tim Wilde wrote:
Call your local branch of the US Secret Service, if you're in the
states,
and ask for their electronic crimes division. If you're not in the
states, contact your comprable local authority. They can work with
you to
coordinate with other jurisdictio
On Thu, 20 May 2004, P.Schroebel wrote:
> Ok, I 'll buy that right now; we have a DDoS Attack on our core nameservers
> from 66.165.10.24. Where do we start, do I call the police in Bellingham or
> Washington State Police. We have blocked their ips but, we know they will
> come in another way.
C
- Original Message -
From: "Paul Vixie" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 20, 2004 9:48 PM
Subject: Re: handling ddos attacks
>
> [EMAIL PROTECTED] (Mark Kent) writes:
>
> > I've been trying to find out
[EMAIL PROTECTED] (Mark Kent) writes:
> I've been trying to find out what the current BCP is for handling ddos
> attacks. Mostly what I find is material about ... But I don't care
> about most of that. I care that a gazillion pps are crushing our border
> routers (72
On May 20, 2004, at 12:52 PM, Mark Kent wrote:
I've been trying to find out what the current BCP is for handling ddos
attacks. Mostly what I find is material about how to be a good
net.citizen (we already are), how to tune a kernel to better withstand
a syn flood, router stuff you can
[EMAIL PROTECTED] disait :
>
> On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent wrote:
> >
> > I've been trying to find out what the current BCP is for handling ddos
> > attacks. Mostly what I find is material about how to be a good
> > net.citizen (we al
/content/research/presentations/ddos_intro/
-Steve
On Thu, 20 May 2004, Mark Kent wrote:
>
> I've been trying to find out what the current BCP is for handling ddos
> attacks. Mostly what I find is material about how to be a good
> net.citizen (we already are), how to tune a
find out what the current BCP is for handling ddos
attacks. Mostly what I find is material about how to be a good
net.citizen (we already are), how to tune a kernel to better withstand
a syn flood, router stuff you can do to protect hosts behind it, how
to track the attack back to the source, how
resources I have available.
Good luck.
--ra
--
Rachael Treu-Gomes, CISSP [EMAIL PROTECTED]
..quis costodiet ipsos custodes?..
On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent said something to the effect of:
>
> I've been trying to find out what the current BCP is for ha
On Thursday, May 20, 2004 2:52 PM, Mark Kent wrote:
> I've been trying to find out what the current BCP is for handling ddos
> attacks. Mostly what I find is material about how to be a good
> net.citizen (we already are), how to tune a kernel to better withstand
> a syn flood,
On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent wrote:
>
> I've been trying to find out what the current BCP is for handling ddos
> attacks. Mostly what I find is material about how to be a good
> net.citizen (we already are), how to tune a kernel to better withstand
>
I too would be interested if someone could point a good white paper
for cisco DDOS protection mechanisms and best practices in general.
On Thu, May 20, 2004 at 11:52:01AM -0700, Mark Kent wrote:
>
> I've been trying to find out what the current BCP is for handling ddos
> attacks.
I've been trying to find out what the current BCP is for handling ddos
attacks. Mostly what I find is material about how to be a good
net.citizen (we already are), how to tune a kernel to better withstand
a syn flood, router stuff you can do to protect hosts behind it, how
to track the a
18 matches
Mail list logo