[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

detecting a DDOS attack

From: Bill Tangren <bjt aa usno navy mil>
To: redhat-list redhat com
Subject: detecting a DDOS attack
Date: Fri Oct 31 09:34:05 2003

Hello all,

Our network had been VERY slow in the last two weeks. We have a T3 line, but sftp transfer rates are down around 10kB/sec now. I suspect some type of attack on our firewalls, though I've never heard of an attack being sustained for so long.

Could someone tell me what to look for? My logs ( I run several servers behind the firewall, but I don't administer the firewall itself) don't show anything unusual that I can find. I have been examining web server logs, and mail logs, and I scrutinize the output from LogWatch.

Where else should I look?

TIA,

Bill Tangren

Follow-Ups:
- Re: detecting a DDOS attack
  - From: Jason Dixon
- Re: detecting a DDOS attack
  - From: Ed Wilts

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]