Security Incidents mailing list archives
RE: DoS Attacks, Detecting the Source, and Service Providers
From: "Rob Shein" <shoten () starpower net>
Date: Tue, 4 Feb 2003 13:56:13 -0500
It is not a requirement, unless for some reason it's in their terms of service. That said, I've never seen a ToS from an ISP that involved backtracing a DoS. Detecting the source, in the event that it involves spoofed packets (as they almost always do), requires backtracing. If the DoS is traffic-intensive, it may be coming from more than one source as well, and there is no reliable way to determine this without backtracing either.
-----Original Message----- From: Hamid [mailto:hamidmails () panaisp net] Sent: Monday, February 03, 2003 4:40 PM To: incidents () securityfocus com Subject: DoS Attacks, Detecting the Source, and Service Providers Hi everybody, Maybe a newbie question, but I was wondering if back-tracing packets to its source is a service provider requirement? I mean if one of my hosts is being attacked, for example a simple ICMP DoS attack, what could I do if the service provider doesn't cooperate? I was wondering if there are certain procedures to detect the source of attacks? Thanks in advance, Hamid -------------------------------------------------------------- -------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- DoS Attacks, Detecting the Source, and Service Providers Hamid (Feb 04)
- Re: DoS Attacks, Detecting the Source, and Service Providers james (Feb 04)
- RE: DoS Attacks, Detecting the Source, and Service Providers Rob Shein (Feb 05)
- Re: DoS Attacks, Detecting the Source, and Service Providers H C (Feb 05)