Is someone hacking me ?

lvs-users

[Top] [All Lists]

<prev [Date] next>

<prev [Thread] next>

Is someone hacking me ?

from [Malcolm Turnbull]

[Permanent Link]

To:	lvs-users@xxxxxxxxxxxxxxxxxxxxxx, "Ca Phun Ung" <caphun.ung@xxxxxxxxxxxx>
Subject:	Is someone hacking me ?
From:	Malcolm Turnbull <Malcolm.Turnbull@xxxxxxxxxxxx>
Date:	Wed, 18 Dec 2002 17:10:33 +0000


I just got a large spike in traffic approx 10 connections per second from :

TCP 00:25 FIN_WAIT cache10.drkw.com:49470 192.168.1.13:http 192.168.1.7:http
TCP 00:24 FIN_WAIT cache10.drkw.com:49441 192.168.1.13:http 192.168.1.4:http
TCP 00:26 FIN_WAIT cache10.drkw.com:49440 192.168.1.13:http 192.168.1.7:http
TCP 00:24 FIN_WAIT cache10.drkw.com:49442 192.168.1.13:http 192.168.1.4:http

TCP 01:47 FIN_WAIT cache10.drkw.com:53541 192.168.1.13:http192.168.1.6:http


etc...

All the connections are showing as inactive...

So I assume http://www.drkw.com/ has been hacked and the hacker istargeting me ?

Can someone explain how the DOS protection stuff works and what wouldyou sugest using to limit bursts like this ?


10 connections a second is not a problem but it just got me worried :-).





--


Regards,

Malcolm Turnbull.

Crocus.co.uk Ltd
01344 629629
http://www.crocus.co.uk/

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Is someone hacking me ?, Malcolm Turnbull <= Re: Is someone hacking me ? (apparently not....), Malcolm Turnbull

Previous by Date:	Re: MasarLabs NoArp: new version uploaded, Sébastien Bonnet
Next by Date:	R: Is someone hacking me ?, Grilli, Diego
Previous by Thread:	MasarLabs NoArp: new version uploaded, Masar
Next by Thread:	Re: Is someone hacking me ? (apparently not....), Malcolm Turnbull
Indexes:	[Date] [Thread] [Top] [All Lists]