[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: F9 DOS attack



On Wed, 2008-11-26 at 19:56 -0500, Dave Feustel wrote:
> I don't run any servers.

Does that mean you don't use them, or that you've actually turned them
off?

> Makes me wonder what I did to provoke the attack

Possibly nothing.  For some victims, merely existing is reason enough.

Years ago, I used to notice increased firewall activity any time I made
a public posting.  I wasn't doing anything inflammatory, so I assume
that miscreants were monitoring the list to capture what they hoped were
currently in-use IP addresses.  These days, there's less point in doing
that, with always-on DSL and cable services, many of the IP addresses
will always be in-use.  Though the capturing idea does tend to identify
an IP address and the OS in use, which they might go looking for ones
with vulnerabilities that they know how to exploit.


-- 
[tim localhost ~]$ uname -r
2.6.27.5-41.fc9.i686

Don't send private replies to my address, the mailbox is ignored.  I
read messages from the public lists.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]