[14713] in North American Network Operators' Group
Identifying type of DOS attacks?
daemon@ATHENA.MIT.EDU (Peter Helmenstine)
Thu Jan 22 12:53:32 1998
Date: Thu, 22 Jan 1998 09:24:41 -0800 (PST)
From: Peter Helmenstine <pete@gladstone.uoregon.edu>
To: nanog@merit.edu
How do most of you identify the latest type of DOS attack of the week? I
know that some are usually more obvious than others and if you have
exhisting filters it helps to narrow down some problems but other than
seeing that ping times are in seconds the seconds and noticing that your
pipe is hosed, how does one determine that it's a DOS attack when it's
happening rather than say a bad piece of hardware. Is there anything
that you all look for in particular. Does DOS Tracker tell you the type of
attack that is being used? Other monitoring tools?
-Pete
--------------------- Peter Helmenstine ---------------------------
WWW: http://marin.uoregon.edu/~pete E-mailto:pete@marin.uoregon.edu
UofO Computing Center, Eugene, Or 97403 (541) 346-1629
