Network Security: Detailed info on Re: Port 7000 (Apple File Share) DoS/DDoS underway

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Incidents

[Top] [All Lists]

Re: Port 7000 (Apple File Share) DoS/DDoS underway

from [Jonathan Nichols] Network Security

[Permanent Link]

Subject:	Re: Port 7000 (Apple File Share) DoS/DDoS underway
Date:	Wed, 22 Sep 2004 11:18:02 -0700

David Gillett wrote:

  A handful of machines, nowhere near me (network prefixes
218, 211, and 61) seem to be sending a mix of SYN-ACK and
RST packets, all with a source port of 7000, to assorted
(random) addresses in my public Class B range.

  I expect this means that someone is spoofing random source
addresses -- many of them in my range, but who knows how many
in others... -- and ports and SYN-flooding those half-dozen
machines.

  So far, reverse DNS and traceroute haven't helped me identify
the victims.


Apple File Protocol is actually port 548, not port 7000.

If I recall correctly, afs3 is a NFS like file system by IBM.. but it's not by Apple. :)

-Jonathan

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Port 7000 (Apple File Share) DoS/DDoS underway, (continued) Re: Port 7000 (Apple File Share) DoS/DDoS underway, Christine Kronberg Re: Port 7000 (Apple File Share) DoS/DDoS underway, Chris Krough Re: Port 7000 (Apple File Share) DoS/DDoS underway, Chris Krough DoS/DDoS on port 1863(MSN protocol), Diego Sebastián González RE: DoS/DDoS on port 1863(MSN protocol), easternerd Re: DoS/DDoS on port 1863(MSN protocol), Kevin Reardon Re: DoS/DDoS on port 1863(MSN protocol), Tillman Hodgson data payload in SYN (Re: DoS/DDoS on port 1863(MSN protocol)), Martin Mačok Re: DoS/DDoS on port 1863(MSN protocol), terry white Re: DoS/DDoS on port 1863(MSN protocol), Martin Mačok Re: Port 7000 (Apple File Share) DoS/DDoS underway, Jonathan Nichols <= Re: Yahoo Account hacking, xploitable

Previous by Date:	Re: Port 7000 (Apple File Share) DoS/DDoS underway, Chris Krough
Next by Date:	Re: Port 7000 (Apple File Share) DoS/DDoS underway, Christine Kronberg
Previous by Thread:	Re: DoS/DDoS on port 1863(MSN protocol), Martin Mačok
Next by Thread:	Re: Yahoo Account hacking, xploitable
Indexes:	[Date] [Thread] [Top] [All Lists]