- From: Erez Levin <erezl@dingo.co.il>
- Date: Tue, 24 Dec 1996 13:55:26 -0800
- To: http-wg%cuckoo.hpl.hp.com@hplb.hpl.hp.com
Dear readers, Here is a summary of an article published in our local nigh newspaper regarding a security breach: "Webcom Webserver has suffered a major attack on its web site. This attack took off thier main webserver off the air for 40 hours!!!! The attacking method is the "SYN-flood" which allows bombing of the site with messages rating up to 200 messages per second. Sending messages using "SYN-flood" the user does not send a real IP address and the web server keep on searching for the remote user to send the answer to. Overloading the web server with so many false messages didnot allow the "real" messages to get through and overloaded the Machine's memory. It seems that two Hackers magazines have published the source code and now any webserver in the world is opened to such and attack." (Summarised from "Globes" http://www.globes.co.il Israel financial magazine, Hi-Tech section, tuesday edition). Is any of you guys familiar with this "SYN-flood" bombimg method? does anyone know how you can located this suspects and place them under a "black list" of forbidden sites? -- Regards ----------------------------------------------------------------- Erez Levin R&D manager DDDDDD IIIIII NN NN GGGGG OOO D D II NNNN NN GG OO OO D D II NN NN NN GG OO OO D D II NN NN NN GG GGGG OO OO Infosystems D D II NN NN NN GG GG OO OO DDDDDD IIIIII NN NNNN GGGG OOO Email: erezl@dingo.co.il Our site:http://www.dingo.co.il -------------------------------------------------------------------
Received on Tuesday, 24 December 1996 03:58:32 UTC