DOS attack over the weekend
Hello list,
Over the weekend, the T1 at work was DOSed by an ip that appears to
belong to a University in Germany. Since it was coming from a university
and not an isp, I was hoping I would be more likely to get some action
done about it, instead of being ignored.
But I have a couple of questions before I work on reporting it. Has
anyone had good success getting this kind of problem dealt with by a
university before? What are the chances the IP was spoofed that was
DOS'ing us, for the purpose of using our server(s) as part of a DDOS
against the university?
Does anyone know of a good tool that would warn us about possible DOS
attacks? I know we can't stop the DOS from our side, but at least it
would give us a head start on our troubleshooting. Our ISP tells us they
were flooding us with approximately 10,000 udp packets/second - causing
25 - 50% packet loss when I would try to ping our servers from the
outside.
I would ask if anyone has any good contacts at this university, except
I'm leaving their name unmentioned for now.
TIA,
Jacob
Reply to: