This topic has been archived. It cannot be replied.
-
工作学习 / IT技术讨论 / My W2k server is being attacked by icmp flooding for several hours, it looks thousands of host is talking with it, Who know how to find the attacker or block the attack??
-guest:;
2001-9-8
(#193550@0)
-
up
-guest:;
2001-9-8
(#193555@0)
-
If you are really under such attack, the only thing you can do is to unplug it from the network. Usually you can't find the attacker, because the IP is spoofed.
-dennis2(Dennis);
2001-9-8
(#193558@0)
-
thx, the guy put a root.exe in my iis/script, then I get ride of it, and it looks the guy's pretty mad about me. I just want to give some gift back to the little buster.
-guest:;
2001-9-8
(#193559@0)
-
Get winroute and configure it to drop icmp on the ground. Winroute is pretty good in windows world.
-dennis2(Dennis);
2001-9-8
(#193578@0)
-
why did n't install a firewall
-yellow(yellow);
2001-9-8
(#193568@0)
-
got black ice , no use. I am using adsl so can not afford a cisco fw.
-guest:;
2001-9-8
(#193575@0)
-
I think my server is hacked by those buster.........I get a new ip now, (dhcp), and it keep on try arp a lot of ip, them about 20 mins later the icmp flood report from black ice come back again. funny. Thx your guys any way.
It 's just a dot net test server. so doesn't matter. I plan to reinstall the system.
w2k + sp1 (without index server)+ dot.net platform + blackie 2.5
can not prevent attacking.
be careful guys.
-guest:;
2001-9-8
{375}
(#193579@0)