Denial of Service Attack

Discussion in 'Computer Support' started by Jim PKP, Apr 2, 2004.

  1. Jim PKP

    Jim PKP Guest

    Hi,

    Sygate has just logged a couple of Denial of Service attacks.
    I backtraced them and got the following but I don't know what it means.
    Chello.fr seems to be a French ISP. In Sygate I have an option to stop
    all active response. Should I????


    % This is the RIPE Whois server.
    % The objects are in RPSL format.
    %
    % Rights restricted by copyright.
    % See http://www.ripe.net/ripencc/pub-services/db/copyright.html

    inetnum: 213.245.72.0 - 213.245.77.255
    netname: MONTREUIL-CUSTOMER-CABLE
    descr: Chello France
    descr: Customers in Montreuil
    country: FR
    admin-c: LG40-RIPE
    admin-c: YK375-RIPE
    tech-c: HMCB1-RIPE
    tech-c: YK375-RIPE
    status: ASSIGNED PA
    remarks: Contact concerning criminal
    remarks: activities like spam, hacks, portscans
    notify:
    mnt-by: CHELLO-MNT
    changed: 20000926
    source: RIPE

    route: 213.245.0.0/16
    descr: FR-CHELLO-991213
    origin: AS6830
    mnt-by: CHELLO-MNT
    changed: 20010213
    source: RIPE

    role: Hostmaster Chello Broadband
    address: UPC Technology
    address: Internet Services
    address: Erlachplatz 116
    address: A-1100 Vienna
    address: Austria
    phone: +43 1 96068 5000
    fax-no: +43 1 96068 5666
    e-mail:
    admin-c: AK991-RIPE
    tech-c: SB666-RIPE
    tech-c: MS2509-RIPE
    tech-c: AK991-RIPE
    nic-hdl: HMCB1-RIPE
    notify:
    mnt-by: CHELLO-MNT
    changed: 20040204
    source: RIPE

    person: Yacine Kheddache
    address: Chello Broadband France
    address: 8, Rue Albert Einstein
    address: F-77420 Champs-sur-Marne
    address: France
    phone: +33 1 700065 85
    fax-no: +33 1 700065 68
    e-mail:
    nic-hdl: YK375-RIPE
    notify:
    mnt-by: CHELLO-MNT
    changed: 20000522
    source: RIPE

    person: Lorenz Glatz
    address: UPC Technology
    address: Erlachgasse 116
    address: A-1100 Vienna
    address: Austria
    phone: +43 1 96068
    fax-no: +43 1 96068 5666
    e-mail:
    nic-hdl: LG40-RIPE
    notify:
    mnt-by: CHELLO-MNT
    changed: 20030626
    source: RIPE




    --
    Jim PKP
     
    Jim PKP, Apr 2, 2004
    #1
    1. Advertising

  2. Jim PKP

    Chad Guest

    "Jim PKP" <> wrote in message
    news:Zgebc.3035$...
    > Hi,
    >
    > Sygate has just logged a couple of Denial of Service attacks.
    > I backtraced them and got the following but I don't know what it means.
    > Chello.fr seems to be a French ISP. In Sygate I have an option to stop
    > all active response. Should I????
    >
    >
    > % This is the RIPE Whois server.
    > % The objects are in RPSL format.
    > %
    > % Rights restricted by copyright.
    > % See http://www.ripe.net/ripencc/pub-services/db/copyright.html
    >
    > inetnum: 213.245.72.0 - 213.245.77.255
    > netname: MONTREUIL-CUSTOMER-CABLE
    > descr: Chello France
    > descr: Customers in Montreuil
    > country: FR
    > admin-c: LG40-RIPE
    > admin-c: YK375-RIPE
    > tech-c: HMCB1-RIPE
    > tech-c: YK375-RIPE
    > status: ASSIGNED PA
    > remarks: Contact concerning criminal
    > remarks: activities like spam, hacks, portscans
    > notify:
    > mnt-by: CHELLO-MNT
    > changed: 20000926
    > source: RIPE
    >
    > route: 213.245.0.0/16
    > descr: FR-CHELLO-991213
    > origin: AS6830
    > mnt-by: CHELLO-MNT
    > changed: 20010213
    > source: RIPE
    >
    > role: Hostmaster Chello Broadband
    > address: UPC Technology
    > address: Internet Services
    > address: Erlachplatz 116
    > address: A-1100 Vienna
    > address: Austria
    > phone: +43 1 96068 5000
    > fax-no: +43 1 96068 5666
    > e-mail:
    > admin-c: AK991-RIPE
    > tech-c: SB666-RIPE
    > tech-c: MS2509-RIPE
    > tech-c: AK991-RIPE
    > nic-hdl: HMCB1-RIPE
    > notify:
    > mnt-by: CHELLO-MNT
    > changed: 20040204
    > source: RIPE
    >
    > person: Yacine Kheddache
    > address: Chello Broadband France
    > address: 8, Rue Albert Einstein
    > address: F-77420 Champs-sur-Marne
    > address: France
    > phone: +33 1 700065 85
    > fax-no: +33 1 700065 68
    > e-mail:
    > nic-hdl: YK375-RIPE
    > notify:
    > mnt-by: CHELLO-MNT
    > changed: 20000522
    > source: RIPE
    >
    > person: Lorenz Glatz
    > address: UPC Technology
    > address: Erlachgasse 116
    > address: A-1100 Vienna
    > address: Austria
    > phone: +43 1 96068
    > fax-no: +43 1 96068 5666
    > e-mail:
    > nic-hdl: LG40-RIPE
    > notify:
    > mnt-by: CHELLO-MNT
    > changed: 20030626
    > source: RIPE
    >
    >
    >
    >
    > --
    > Jim PKP


    99.9% of DoS attacks are from spoof'd IP's. All you can do is call your ISP
    and have them filter the offending IP. If it's multiple IP's, they can
    determine the type of packet and size of it and block that port based on a
    byte size. Eventually the attacker will DoS someone else and your ISP can
    remove it's filters.
     
    Chad, Apr 2, 2004
    #2
    1. Advertising

  3. Jim PKP

    Jim PKP Guest

    Chad started typing and came up with the following On 02/04/2004 18:03:


    >
    >
    > 99.9% of DoS attacks are from spoof'd IP's. All you can do is call your ISP
    > and have them filter the offending IP. If it's multiple IP's, they can
    > determine the type of packet and size of it and block that port based on a
    > byte size. Eventually the attacker will DoS someone else and your ISP can
    > remove it's filters.
    >
    >
    >


    Thanks


    --
    Jim PKP
     
    Jim PKP, Apr 2, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. tony

    denial of service attack?

    tony, Apr 30, 2004, in forum: Cisco
    Replies:
    1
    Views:
    392
    Walter Roberson
    Apr 30, 2004
  2. Replies:
    0
    Views:
    672
  3. crb

    What does denial of service attack mean?

    crb, Apr 30, 2005, in forum: Computer Support
    Replies:
    4
    Views:
    2,108
    ellis_jay
    May 2, 2005
  4. crb

    What is a Denial of Service Attack?

    crb, May 22, 2005, in forum: Computer Support
    Replies:
    2
    Views:
    455
    127.0.0.1
    May 23, 2005
  5. Daeron

    is the current SCO denial of service attack bogus ?

    Daeron, Feb 1, 2004, in forum: Computer Information
    Replies:
    0
    Views:
    678
    Daeron
    Feb 1, 2004
Loading...

Share This Page