ddos

It appears as though some machine(s) on campus is trying to take out an IRCd server. There are literally thousands of spoofed TCP SYN packets heading for a specific machine each second. The packets are pretending to be coming from what appears to be random IP addresses not on our network. So tracing this back to the offending machine(s) is proving to be difficult. We are able to block the traffic at the firewall so it does not consume all of our internet connection, however it is causing problems for out packet shaper and thus internet browsing is being affected somewhat. At the moment my hunch is that there is a machine in Sohre that is causing the problems. But I am not able to pin point it just yet.


Comments

Leave a Reply

Your email address will not be published. Required fields are marked *