From route@onyx.infonexus.com Mon Sep 16 02:36:43 1996 Received: from onyx.infonexus.com (plugHead@onyx.infonexus.com [204.162.164.220]) by suburbia.net (8.7.4/Proff-950810) with SMTP id CAA10335 for ; Mon, 16 Sep 1996 02:36:33 +1000 From: route@onyx.infonexus.com Received: (qmail-queue invoked by uid 501); 15 Sep 1996 16:39:17 -0000 Message-ID: <19960915163917.7232.qmail@onyx.infonexus.com> Subject: Re: BoS: ping flood To: lucas@wasteland.org (Synthesizer Punk) Date: Sun, 15 Sep 1996 09:39:17 -0700 (PDT) Cc: best-of-security@suburbia.net In-Reply-To: from "Synthesizer Punk" at Sep 16, 96 00:03:56 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Synthesizer Punk's thoughts were: | Widening the subject field, I'd like to bring up the fact that ICMP | isn't the only protocol being abused in order to stop the flow of data on I hate to be the one to bring up the obvious, but the DOS attack of choice lately is TCP SYN flooding. Low bandwith, virtually untraceable, and quite difficult for the average ISP to deal with... FWIW: PLEASE! Let's not start another debate on the subject. There is enough going around as it is. I merely wanted to mention it. Nothing more... | networks... UDP seems to be popular these days, and little lovely programs such | as octopus just create a buttload of socket connections. There are really two Octopus uses TCP-based sockets...;) But, sure, UDP storms, Syslogd floods, etc... Any protocol can be abused... -- [ route@infonexus.com ] Editor, Phrack Magazine / Member, Guild Corporation the greatest trick the devil ever pulled was convincing the world he didn't exist