Security Basics mailing list archives

DOS Attack?

From: Shawn Wall <sjwall () shaw ca>
Date: Wed, 24 Nov 2004 19:22:40 -0700

Hi List,

I'm currently experiencing network outages due to what appears to be DOS
attacks. I'm running a wireless ISP using a Cisco 2611 and CBAC and I have a
/24 public address range. During the outage I can see traffic from a single
external host sending thousands of packets to a single internal host. I
don't have port 80 inbound open in my ACLs so I don't understand how the
external host is even able to contact the internal host to begin with.
Secondly, how is it possible for an attack on 1 internal host to cripple the
rest of my network? Any feedback would be welcome. Thanks.

shawn

Current thread:

DOS Attack? Shawn Wall (Nov 26)
- Re: DOS Attack? Suramya Tomar (Nov 26)
- Re: DOS Attack? Mario Pascucci (Nov 27)
- Re: DOS Attack? Juan Carlos Jimenez Jamett (Nov 27)
- Re: DOS Attack? Anthony Boynes (Nov 27)
- RE: DOS Attack? David Gillett (Nov 29)
- <Possible follow-ups>
- RE: DOS Attack? David Gillett (Nov 29)
- RE: DOS Attack? Andrew Shore (Nov 29)