[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: DDOS attack ?!?



Found this on the register, hope it helps.

The vulnerability exploited by the Slapper (Apache/mod_ssl) worm was
fixed beginning with OpenSSL version 0.9.6e. Administrators may want to
upgrade to the latest version as of this writing the latest version of
OpenSSL is 0.9.6g.


-----Original Message-----
From: Gary [mailto:gary@mygirlfriday.info] 
Sent: Sunday, September 15, 2002 3:46 PM
To: Aaron Cronkright
Cc: luci-discuss@luci.org; silug-discuss@silug.org
Subject: Re: DDOS attack ?!?


Hi Aaron,

On Sunday, September 15, 2002, 3:39 PM, you hammered out in part about
"DDOS attack ?!?":

A> I am getting what seems to be a small scale ddos attack on my server 
A> at home and at work.  What I am getting is tons of UDP packets to 
A> port 2002.  Since my  ipchains/tables was set to REJECT instead of 
A> DENY, my box was kindly returning  ICMP "Port not reachable" packets.

A> I have since changed the firewall rule to  DENY so it will drop the 
A> packets and not reply.

Congrats.. you have, or are being attacked by the new linux.slapper.worm
that started in Europe a few days ago.  It is affecting all Apache
servers, and uses port 2002.

http://linuxtoday.com/news_story.php3?ltsn=2002-09-14-005-26-SC-SW


-- 
 
Best regards,
 Gary  

Today's thought: A woman drove me to drink and I didn't even have the
decency to thank her.  ...W.C. Fields                      


-
To unsubscribe, send email to majordomo@luci.org with "unsubscribe
luci-discuss" in the body.

-
To unsubscribe, send email to majordomo@luci.org with
"unsubscribe luci-discuss" in the body.