[nsp-sec] 15 Gbps TCP SYN DoS
Jason Chambers
jchambers at ucla.edu
Sat Apr 20 20:39:02 EDT 2013
On 4/20/13 6:48 AM, Jason Chambers wrote:
>
> But it looks like that was actually a very small DoS attack.. the real
> attack seems to be spoofed from source port 80 and destined to 10,000+
> hosts, a jump from roughly ~22,000 to ~35,000 during the attack.
>
Alright.. sanity has returned. Our edge netflow sensor is generating
bad data. This was a standard SYN flood to port 80 and port 65535
during 2013-04-19 11:55 - 13:00.
Sorry for the noise !
--Jason
More information about the nsp-security
mailing list