Tracking stealth portscan/pepsi attacks
Leigh Porter leigh at insnet.net
Wed Sep 1 13:33:03 CEST 1999
Petra Zeidler wrote: Hiya, INS try to be very co-operative in tracking down the source of any such attacks and in the past I have had nothing but complete co-operation and help from our peers in tracking the source of attacks. It would be interesting though to have a forum in which to dicsuss inter-providor co-operation though with the RIPE database it is usually just a case of calling the NOC of network at the ingress point to your network who would then trace the source to the ingress point of their network and so on. Since these DoS attacks usually last for quite some time this is pretty easy however tracing stealth portscans that could potentially last for a few days could be more interesting. -- Leigh Porter > I'd like to have a chance to catch the perpetrators. This would need to be > a multi-provider cooperation in the majority of cases. > Do we have an appropriate forum to discuss this at the next RIPE meeting?
[ lir-wg Archives ]