Thanks for the suggestion.. I do subscribe to those lists however there wasn't anything on those lists when this original message was posted..:) Nor, was there any discussion on the news, online sites, really.. No other mailing lists until a few hours later...
Sincerely, Paul Stewart -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of nate Sent: Saturday, January 25, 2003 1:29 PM To: [EMAIL PROTECTED] Subject: RE: Pesky DDOS attack on UDP 1434 Paul Stewart said: > Sorry to post this back to this list but I just spent 5 long hours at > work because of outages relating to this... All of the machines (happy > to say) were Winbloze 2000 boxes and now that you mention it they all > have MSSQL on them.. > > Thnx for making this noticed on the list.. I've been searching for > half an hour to find what is attacking and where... Does this attack > compromise the host and/or use it to launch another attack do we know? > > Thanks and sorry to post to this list... Just a lot of help.. I reccomend you subscribe to a general security mailing list. Unless you weren't paying attention to the net. I think the attack was brilliant, made code red look like a normal ping flood. and they picked friday night when most people go home for the weekend :) I found out about it at around 12:15AM this morning by a post on bugtraq[1]. checking my firewall logs[2] confirmed it. I subscribe to bugtraq, vulndev, and fulldisclosure mailing lists. not that I have any win32 systems, so I wasn't affected. nate [1] http://online.securityfocus.com/archive/1/308306/2003-01-22/2003-01-28/0 [2] http://portal.aphroland.org/~aphro/mssql.log -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
