Eskimo North


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Network Problems - Denial of Service Attack




     The intermittant network problems this evening, and the problem with IRC
services, was the result of some sort of packet flood denial of service attack.

     I don't know what the exact nature of the attack was but it caused the
packet count to go very high on every host, even those with ICMP and UDP
blocked, and it crashed services which is running Linux 2.0.35 (an older
kernel), SunOS 4.1.4 and Linux 2.2.x was not affected, except that the flood
rate was so high for a while it saturated the routers CPU. 

     I've got another CPU 4x the speed of the current one that will be
replacing the existing router as soon as I can acquire some necessary cabling
that should reduce the ability for people to saturate the router in the near
future. 

     In the meantime, I've implemented more strict filtering rules for
hub/services which does prevent them from crashing it so that should make for
less of an incentive.