|
|
Incidents
DoS Attacks, Detecting the Source, and Service Providers Feb 03 2003 09:39PM Hamid (hamidmails panaisp net) (3 replies) Re: DoS Attacks, Detecting the Source, and Service Providers Feb 04 2003 08:44PM H C (keydet89 yahoo com) Re: DoS Attacks, Detecting the Source, and Service Providers Feb 04 2003 06:35PM james (jamesh cybermesa com) |
|
Privacy Statement |
service. That said, I've never seen a ToS from an ISP that involved
backtracing a DoS. Detecting the source, in the event that it involves
spoofed packets (as they almost always do), requires backtracing. If the
DoS is traffic-intensive, it may be coming from more than one source as
well, and there is no reliable way to determine this without backtracing
either.
> -----Original Message-----
> From: Hamid [mailto:hamidmails (at) panaisp (dot) net [email concealed]]
> Sent: Monday, February 03, 2003 4:40 PM
> To: incidents (at) securityfocus (dot) com [email concealed]
> Subject: DoS Attacks, Detecting the Source, and Service Providers
>
>
> Hi everybody,
>
> Maybe a newbie question, but I was wondering if back-tracing
> packets to its source is a service provider requirement? I
> mean if one of my hosts is being attacked, for example a
> simple ICMP DoS attack, what could I do if the service
> provider doesn't cooperate? I was wondering if there are
> certain procedures to detect the source of attacks?
>
> Thanks in advance,
> Hamid
>
>
>
> --------------------------------------------------------------
> --------------
> This list is provided by the SecurityFocus ARIS analyzer
> service. For more information on this free incident handling,
> management
> and tracking system please see: http://aris.securityfocus.com
>
------------------------------------------------------------------------
----
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
[ reply ]