Talkback for article: 282, March2003
[ date: 2003-04-06 ]
Other types of attacks include taking advantage of ICMP services (e.g. redirects and source quench), using invalid TCP parameters to slow or clog hosts (e.g. use minimal window sizes) and perform multicast pull attacks (spoof IGMP joins on behalf of the victim). Overall a good article, but the list of possible attacks really is endless.
From: Frank dijkstra <fdijkstra(at)hotmail.com>
[ date: 2003-07-20 ]
the past few weeks i'm getting these kind of warnings in my routerlog:
2003/07/19 10:32:15 ** IP Spoofing ** <IP/IGMP> 192.168.2.100 ->> 184.108.40.206
2003/07/19 10:33:11 ** IP Spoofing ** <IP/IGMP> 192.168.2.100 ->> 220.127.116.11
and also a lot of TCP IP flooding which disconnects me from internet for about 30 minutes:
2003/06/27 16:29:05 ** TCP SYN Flooding ** <IP/TCP> 18.104.22.168:2782 ->> 22.214.171.124:445
2003/06/27 16:29:06 ** TCP SYN Flooding ** <IP/TCP> 126.96.36.199:2782 ->> 188.8.131.52:445
2003/06/27 16:29:07 ** TCP SYN Flooding ** <IP/TCP> 184.108.40.206:2782 ->> 220.127.116.11:445
how can i solve this? i'm a complete newbie when it comes to ip's and stuff, so please explain in easy terms, rather in dutch than in english.....
From: a proctor <karma(at)velocitus.net>
[ date: 2003-08-30 ]
I am a home pc user. Running win98se. Lots of security problems. Currently using Sygate Firewall. Whenever I connect to the internet using my dial up
connection 18.104.22.168 sygate requests permission for 22.214.171.124 to connect using ICMP protocol. I now have multiples of 126.96.36.199 (aol) in my traffic log. This is before I even open IE. I am absolutely not supposed to be part of a "network". Nor do I ever use aol services or browse w/aol.
Antivirus programs show nothing. Security scans show nothing. But, you should see my firewall logs! Any info is better than no info. THis is a daily thing. And, yes I have fdisked, formatted & reloaded. THREE TIMES.
From: Valon <sex_not_valid(at)hotmail.com>
[ date: 2003-12-29 ]
How to send syn pack
can you learning me for send syn packet
I like to kill ircd ip 188.8.131.52
Pleas tell me
Due to the increased amount of web spam we have deciced to
removed the talkback posting possibility. You can read old talkbacks
but you can no longer post new ones.
Please contact webmaster(at)linuxfocus.org if you have any questions with regards to this talkback
lftalkback version 3.10