Merit Network
 Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives
North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Possible New type of DOS attack

  • From: Mike Lewinski
  • Date: Mon Mar 25 16:53:50 2002 
It was probably a large packet flood to random destination ports. Some of
them happened to hit rshell. What really took out your routing procs was
likely a huge packet flood, but due to volume you may not have been able to
access normal interface counters (i.e. MRTG doesn't get any SNMP packets
back when OSPF goes bye-bye).

Mike

----- Original Message -----
From: "Vinny India" <vindia@ads.espire.net>
To: <nanog@merit.edu>
Sent: Monday, March 25, 2002 2:44 PM
Subject: Possible New type of DOS attack


>
> Anyone out there ever witness an attack were you received several RSHPORT
> attempts (5 per second) on a cisco router from different spoofed source
> addresses. It was capable of taking out BGP and OSPF sessions on the
router.
>
>


Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.