No, I have my watch set to 24 hours, and somehow subtracted 12 from 16 to get 6. It was 4:50PM. ---------- Forwarded message ---------- Date: Thu, 14 Sep 2000 17:18:12 -0700 From: Ted Weiler <firstname.lastname@example.org> To: 'Robert Dinse' <email@example.com> Subject: RE: Packet Flood Denial of Service Predicting the future now are you? Whose going to win the election? or even better, how about some winning lottery numbers. Ted -----Original Message----- From: Robert Dinse [mailto:firstname.lastname@example.org] Sent: Thursday, September 14, 2000 5:03 PM To: email@example.com Subject: Packet Flood Denial of Service Around 6:50 PM today we were hit for a UDP packet flood denial of service attack which lasted for about ten minutes. As soon as I turned the filtering off on our router so I could attempt to capture some of the traffic, it stopped. This has become a pattern in recent attacks which leads me to believe the attackers are watching this to prevent any data from being collected that might provide a defense. Cisco people have indicated a willingness to work on this problem but they need some captured traffic to do so. This attack is a packet fragment leakage attack, if anybody knows of the program used to generate these attacks, it would be most helpful in that it would allow Crisco to test and arrive at an eventual fix.