[60579] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: The impending DDoS storm

daemon@ATHENA.MIT.EDU (Kevin Houle)
Thu Aug 14 11:43:40 2003

Date: Thu, 14 Aug 2003 11:41:19 -0400
From: Kevin Houle <kjh@cert.org>
To: flyman2@corp.earthlink.net, nanog@merit.edu
In-Reply-To: <000901c36278$392fb010$33b645cf@flyman>
Errors-To: owner-nanog-outgoing@merit.edu


--On Thursday, August 14, 2003 11:24:53 AM -0400 Josh Fleishman 
<flyman2@corp.earthlink.net> wrote:

> Has anyone determined a method for triggering the DOS attack manually?
> We've attempted this by changing an infected machine's clock, however it
> did not work on our test box.  If anyone has triggered the attack, do
> you have a copy of the sniffed data stream?

The code looks at the clock once at startup. Once the code is running,
it does not appear to recheck the clock. Set your clock prior to running
the test.

Kevin


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[60579] in North American Network Operators' Group

RE: The impending DDoS storm

daemon@ATHENA.MIT.EDU (Kevin Houle)Thu Aug 14 11:43:40 2003

daemon@ATHENA.MIT.EDU (Kevin Houle)
Thu Aug 14 11:43:40 2003