RE: DoS "Probing" on one of our hosts

["Keith T. Morgan" <keith.morgan () terradon com>]

I agree.  Maybe some packet captures would help out.  Honestly, I don't think I could get 80% of my job done without a 
good sniffer.

It's very likely a DoS based on the volume alone.  But a good packet capture narrowing down the type of traffic would 
be very usefull in figuring out what's going on.
 

> -----Original Message-----
> From: Harlan Carvey [mailto:keydet89 () yahoo com]
> Sent: Sunday, June 29, 2003 7:27 PM
> To: incidents () securityfocus com
> Subject: re: DoS "Probing" on one of our hosts
>
>
> Chris,
>
> A couple of quick questions for clarification...
>
> > So far, we've yet to determine even the most basic
> stuff

**************************************************************************************************
The contents of this email and any attachments are confidential.
It is intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or  the 
sender immediately and do not disclose the contents to anyone or make copies.

** this message has been scanned for viruses, vandals and malicious content **
**************************************************************************************************


----------------------------------------------------------------------------
Attend the Black Hat Briefings & Training, July 28 - 31 in Las Vegas, the
world's premier technical IT security event! 10 tracks, 15 training sessions,
1,800 delegates from 30 nations including all of the top experts, from CSO's to
"underground" security specialists.  See for yourself what the buzz is about!
Early-bird registration ends July 3.  This event will sell out. www.blackhat.com
----------------------------------------------------------------------------