[67721] in North American Network Operators' Group
80/udp floods?
daemon@ATHENA.MIT.EDU (Scott Call)
Wed Feb 18 05:46:03 2004
Date: Wed, 18 Feb 2004 02:45:14 -0800 (PST)
From: Scott Call <scall@devolution.com>
To: <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
I apologize for the potentially obvious question, but I've been through
sf, google, etc and can't find anything.
I have a customer that is currently getting several hundred thousand
packets per second sent to them on 80/udp. /etc/services lists 80/udp as
IANA assigned for http but I've never seen a udp implementation of http so
I'm assuming it's a sneaky DOS/DDOS of some kind.
ACL's seem to work to catch it but I'm curious if anyone has seen this
specific attack (80/udp) before.
Thanks
-Scott
--
Scott Call Router Geek, ATGi, home of $6.95 Prime Rib
I make the world a better place, I boycott Wal-Mart
VoIP incoming: +1 360-382-1814
