[39516] in North American Network Operators' Group
Speaking of DDoS attacks
daemon@ATHENA.MIT.EDU (Robert Cannon)
Thu Jul 12 16:46:59 2001
Message-ID: <20010712204559.14968.qmail@web14801.mail.yahoo.com>
Date: Thu, 12 Jul 2001 13:45:59 -0700 (PDT)
From: Robert Cannon <rcannon101@yahoo.com>
To: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.33.0107120958170.19601-100000@sh01>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Errors-To: owner-nanog-outgoing@merit.edu
Speaking of DDOS attacks, there seems to be one going
on associated with the NANOG list. I was wondering if
anyone could offer insite.
At my work address, I have received the same email
from NANOG about every 10 - 15 minutes. I have
received hundreds of copies of this email. Yet at
this address I do not receive the repeated copies (and
no one else on the list appears to have complained).
If I look at the header of the email, the last hop, if
I am reading it correctly, is named
"zombie.la.interpacket.net" by
mrbig.la.interpacket.net. I have since unsubscribed
from NANOG from my work address yet still receive the
emails. Also, this has been going on for over a week
(since a rule filters all my nanog email into a
folder, it has not bothered me too much) - every few
days, the email that I am repeatedly hit with changes.
Currently, the email I am being hit with is "OT: The
End of Empire."
Below I have pasted the header of the email
I would be curious to hear people's thoughts about
this. Is this a type of a DDOS? Anyone familiar
with it?
-B
Received: from XXXX
([165.135.0.253])
by XXXX; Thu, 12 Jul 2001 16:01:40 -0400
Received: by XXXX; id QAA14070; Thu, 12 Jul 2001
16:01:38 -0400 (EDT)
Received: from unknown(198.108.1.26) by XXXX via smap
(V5.5)
id xmaa13982; Thu, 12 Jul 01 16:00:42 -0400
Received: by trapdoor.merit.edu (Postfix)
id BB70F91231; Tue, 10 Jul 2001 14:35:31 -0400 (EDT)
Delivered-To: nanog-outgoing@trapdoor.merit.edu
Received: by trapdoor.merit.edu (Postfix, from userid
56)
id 896EB91251; Tue, 10 Jul 2001 14:35:31 -0400 (EDT)
Delivered-To: nanog@trapdoor.merit.edu
Received: from segue.merit.edu (segue.merit.edu
[198.108.1.41])
by trapdoor.merit.edu (Postfix) with ESMTP id
83A3791231
for <nanog@trapdoor.merit.edu>; Tue, 10 Jul 2001
14:35:29 -0400 (EDT)
Received: by segue.merit.edu (Postfix)
id 79E335DE1A; Tue, 10 Jul 2001 14:36:58 -0400 (EDT)
Delivered-To: nanog@merit.edu
Received: from bond.interpacket.net
(us-la-gate.interpacket.net [209.198.223.250])
by segue.merit.edu (Postfix) with SMTP id ECF9A5DDD8
for <nanog@merit.edu>; Tue, 10 Jul 2001 14:36:57
-0400 (EDT)
Received: (qmail 31855 invoked from network); 10 Jul
2001 18:35:43 -0000
Received: from mrbig.la.interpacket.net (192.168.6.5)
by bond.la.interpacket.net with SMTP; 10 Jul 2001
18:35:42 -0000
Received: from [192.168.4.53]
(zombie.la.interpacket.net [192.168.4.53]) by
mrbig.la.interpacket.net with SMTP (Microsoft Exchange
Internet Mail Service Version 5.5.2653.13)
id N6TNP8LB; Tue, 10 Jul 2001 11:39:32 -0700
Mime-Version: 1.0
X-Sender: mikey@popmail.la.interpacket.net
Message-Id: <a05010406b770fb74762d@[192.168.4.53]>
Date: Tue, 10 Jul 2001 11:35:52 -0700
To: nanog@merit.edu
From: Mikey Wilsker <mikey@interpacket.net>
Subject: OT: The End of Empire
Content-Type: text/plain; charset="us-ascii" ;
format="flowed"
Sender: owner-nanog@merit.edu
Precedence: bulk
Errors-To: owner-nanog-outgoing@merit.edu
X-Loop: nanog
__________________________________________________
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com/
