From: Howard C. Berkowitz (hcb@gettcomm.com)
Date: Mon Oct 06 2003 - 18:41:24 GMT-3
>Date: Mon, 6 Oct 2003 14:01:31 -0700
>Mime-Version: 1.0 (Apple Message framework v552)
>Subject: CCO/cisco.com issues.
>From: Roland Dobbins <rdobbins@cisco.com>
>To: nanog@merit.edu
>
>
>
>Folks,
>
>We've been handling a multi-vector DDoS - 40-byte spoofed
>SYN-flooding towards www.cisco.com (198.133.219.25/32) as well as an
>HTTP-AUTH resource-exhaustion attack, and working these issues with
>our upstreams. Our apologies for any inconveniences, and our thanks
>to those who've assisted in tracing and blocking the spoofed traffic.
>
>We're continuing the work the issue, and would be grateful if
>operators would check for 40-byte spoofed TCP headed towards
>198.133.219.25/32 and trace/block it as warranted. Your patience
>and understanding are greatly appreciated.
>
>Thanks!
>
>-------------------------------------------------------------
>Roland Dobbins <rdobbins@cisco.com> // 408.527.6376 voice
***Get your CCIE and a FREE vacation: Shop.GroupStudy.com***
This archive was generated by hypermail 2.1.4 : Mon Nov 24 2003 - 07:52:58 GMT-3