- To: edz@UIC.EDU
- Subject: UDP attack from your site.
- From: Robert Dinse <nanook@eskimo.com>
- Date: Mon, 7 Sep 1998 04:40:22 -0700 (PDT)
- cc: cert@cert.org, outages-list@eskimo.com
- Resent-Date: Mon, 7 Sep 1998 04:39:32 -0700
- Resent-From: outages-list@eskimo.com
- Resent-Message-ID: <"7yXmD.0.DM4.pNyyr"@mx1>
- Resent-Sender: outages-list-request@eskimo.com
- Prev by Date: Network Connectivity
- Next by Date: Router Reboot
- Prev by thread: Router Reboot
- Next by thread: Network Connectivity
- Index(es):
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
UDP attack from your site.
We suffered a massive UDP attack from your site, approximately 120,000 to
140,000 packets per second, very small UDP packets aimed at one of our hosts,
204.122.16.40.
It was originating from within the 131.193.192-255.x range but stopped
before I could get the exact IP. I do not have the ability to sniff the
network here so was changing router filters 1 bit at a time doing essentially a
binary search to determine the address starting with the high-order bits first.
This attack completely crippled our network and essentially isolated about
3000 customers from the network for all practical purposes for the two hour
duration.