[56982] in North American Network Operators' Group
Syn Flood
daemon@ATHENA.MIT.EDU (Christopher Bird)
Tue Mar 25 22:56:16 2003
From: "Christopher Bird" <seabird@msn.com>
To: <nanog@merit.edu>
Date: Tue, 25 Mar 2003 21:55:41 -0600
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------=_NextPart_000_0014_01C2F319.47BAED80
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit
I have a problem on a home PC of all things. Every once in a while it
bursts into life and syn floods an IP address on port 80. The IP
addresses it chooses are random and varied. The network counters ratchet
up alarmingly (as viewed in the connections window). I am running winXP
Pro on this box.
I have zone alarm, an SMC Barricade firewall, and Norton anti virus.
I don't seem to be able to catch the computer at it, I just have the
evidence after the event. I don't like the anti social behavior that
this is exhibiting and am wondering if the collective wisdom of this
group might have any ideas how to track the issue down.
According to virus checkers, I am clean.
Thanks in advance
Chris Bird
------=_NextPart_000_0014_01C2F319.47BAED80
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
<html>
<head>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<meta name=3DGenerator content=3D"Microsoft Word 10 (filtered)">
<style>
<!--
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
h1
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:.3in;
text-indent:-.3in;
page-break-after:avoid;
font-size:16.0pt;
font-family:"Times New Roman";}
h2
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:.4in;
text-indent:-.4in;
page-break-after:avoid;
font-size:14.0pt;
font-family:"Times New Roman";
font-style:italic;}
h3
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:.5in;
text-indent:-.5in;
page-break-after:avoid;
font-size:12.0pt;
font-family:"Times New Roman";}
p.MsoCaption, li.MsoCaption, div.MsoCaption
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:10.0pt;
font-family:"Times New Roman";
font-weight:bold;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p.TitlePage, li.TitlePage, div.TitlePage
{margin-top:4.5in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.TitlePageCxSpFirst, li.TitlePageCxSpFirst, div.TitlePageCxSpFirst
{margin-top:4.5in;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.TitlePageCxSpMiddle, li.TitlePageCxSpMiddle, div.TitlePageCxSpMiddle
{margin:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.TitlePageCxSpLast, li.TitlePageCxSpLast, div.TitlePageCxSpLast
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.FrontSub, li.FrontSub, div.FrontSub
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.FrontSubCxSpFirst, li.FrontSubCxSpFirst, div.FrontSubCxSpFirst
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.FrontSubCxSpMiddle, li.FrontSubCxSpMiddle, div.FrontSubCxSpMiddle
{margin:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.FrontSubCxSpLast, li.FrontSubCxSpLast, div.FrontSubCxSpLast
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.Preface, li.Preface, div.Preface
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-before:always;
page-break-after:avoid;
font-size:16.0pt;
font-family:"Times New Roman";
font-weight:bold;}
p.titlepage0, li.titlepage0, div.titlepage0
{margin-top:4.5in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.titlepagecxspfirst, li.titlepagecxspfirst, div.titlepagecxspfirst
{margin-top:4.5in;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.titlepagecxspmiddle, li.titlepagecxspmiddle, div.titlepagecxspmiddle
{margin:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.titlepagecxsplast, li.titlepagecxsplast, div.titlepagecxsplast
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:24.0pt;
font-family:"Times New Roman";}
p.frontsub0, li.frontsub0, div.frontsub0
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.frontsubcxspfirst, li.frontsubcxspfirst, div.frontsubcxspfirst
{margin-top:6.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.frontsubcxspmiddle, li.frontsubcxspmiddle, div.frontsubcxspmiddle
{margin:0in;
margin-bottom:.0001pt;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.frontsubcxsplast, li.frontsubcxsplast, div.frontsubcxsplast
{margin-top:0in;
margin-right:0in;
margin-bottom:6.0pt;
margin-left:0in;
text-align:center;
font-size:20.0pt;
font-family:"Times New Roman";}
p.preface0, li.preface0, div.preface0
{margin-top:12.0pt;
margin-right:0in;
margin-bottom:3.0pt;
margin-left:0in;
page-break-before:always;
page-break-after:avoid;
font-size:16.0pt;
font-family:"Times New Roman";
font-weight:bold;}
span.emailstyle21
{font-family:Arial;
color:windowtext;}
span.EmailStyle31
{font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
/* List Definitions */
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
</head>
<body lang=3DEN-US link=3Dblue vlink=3Dpurple>
<div class=3DSection1>
<p class=3DMsoNormal><font size=3D3 face=3D"Times New Roman"><span =
style=3D'font-size:
12.0pt'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I have a problem on a home PC of all things. Every =
once in a
while it bursts into life and syn floods an IP address on port 80. The =
IP addresses
it chooses are random and varied. The network counters ratchet up =
alarmingly
(as viewed in the connections window). I am running winXP Pro on this =
box.</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I have zone alarm, an SMC Barricade firewall, and =
Norton
anti virus. </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>I don’t seem to be able to catch the computer =
at it, I
just have the evidence after the event. I don’t like the anti =
social
behavior that this is exhibiting and am wondering if the collective =
wisdom of
this group might have any ideas how to track the issue =
down.</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>According to virus checkers, I am =
clean.</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Thanks in advance</span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'> </span></font></p>
<p class=3DMsoNormal><font size=3D2 face=3DArial><span =
style=3D'font-size:10.0pt;
font-family:Arial'>Chris Bird</span></font></p>
</div>
</body>
</html>
------=_NextPart_000_0014_01C2F319.47BAED80--
