Security Basics mailing list archives
RE: TCP Syn Flooding
From: "Tim Laureska" <hometeam () goeaston net>
Date: Mon, 17 Feb 2003 16:58:27 -0500
Craig... is there anything particular in the message that makes you think its just a 'script kiddie' trying a DoS attack ... or is that just your thoughts based on experience -----Original Message----- From: Craig Searle [mailto:craig.searle () sift com au] Sent: Monday, February 17, 2003 4:17 PM To: 'Tim Laureska'; 'security-basics' Subject: RE: TCP Syn Flooding Its just a 'script kiddie' trying a DoS attack- I wouldn't really worry if I were you. Your firewall has picked it up and stopped any problems. If you are still concerned you want to consider setting your firewall to block that IP altogether. Craig Searle SIFT Pty Ltd www.sift.com.au P (02) 9236 7276 F (02) 9236 7271 M 0402 914 077 E craig.searle () sift com au Level 67, MLC Centre, Martin Place, Sydney NSW 2000 [ABN 42 094 359 743] This correspondence is for the named person's use only. It may contain confidential or legally privileged information or both. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. Any opinions expressed in this message are those of the individual sender, except where the sender expressly, and with authority, states them to be the opinions of SIFT Pty Ltd. -----Original Message----- From: Tim Laureska [mailto:hometeam () goeaston net] Sent: Sunday, 16 February 2003 01:21 AM To: security-basics Subject: TCP Syn Flooding OK. I just installed a Netgear firewall box between a cable modem and a NT 4.0 server on a small network.. and set it up to email me attempts at security breaches. I am brand new to these devices and a relative neophyte to internet/internal network security. So the question is this. I received this message a few times yesterday after I installed the box: Fri, 02/14/2003 20:35:01 - TCP connection dropped - Source:205.138.3.201, 80, WAN - Destination:69.2.167.25, 20306, LAN - 'TCP:Syn Flooding' End of Log ---------- What should I make of this? T.
Current thread:
- TCP Syn Flooding Tim Laureska (Feb 17)
- Re: TCP Syn Flooding Matt Thoene (Feb 17)
- Re: TCP Syn Flooding Ivan Hernandez (Feb 17)
- RE: TCP Syn Flooding Craig Searle (Feb 18)
- RE: TCP Syn Flooding Tim Laureska (Feb 18)
- RE: TCP Syn Flooding Craig Searle (Feb 18)
- RE: TCP Syn Flooding Tim Laureska (Feb 18)
- RE: TCP Syn Flooding Tim Laureska (Feb 18)
- Re: TCP Syn Flooding Anders Reed Mohn (Feb 18)
- Re: TCP Syn Flooding neopara (Feb 18)
- RE: TCP Syn Flooding Tim Laureska (Feb 19)
- RE: TCP Syn Flooding neopara (Feb 20)
- Windows auditing eric (Feb 22)
- RE: TCP Syn Flooding Tim Laureska (Feb 19)
- <Possible follow-ups>
- RE: TCP Syn Flooding Michael Parker (Feb 17)
- RE: TCP Syn Flooding Anomaly (Feb 18)