Article 6818 at 06/09/11 12:27:08 From: dmobley (at mark) uhostme.net Subject: [coba-e:06818] Re: DDoS attack

Index: [Article Count Order] [Thread]

Date:  Sun, 10 Sep 2006 23:26:56 -0400
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject:  [coba-e:06818] Re: DDoS attack
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <000001c6d552$22666bd0$6400a8c0@YOUR4105E587B6>
In-Reply-To:  <200609110441.03849.bq (at mark) solarspeed.net>
X-Mail-Count: 06818

Isn't life grand!  ;-)

> -----Original Message-----
> From: Michael Stauber [mailto:bq (at mark) solarspeed.net]
> Sent: Sunday, September 10, 2006 10:41 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:06817] Re: DDoS attack
> 
> Hi Darrell,
> 
> > My question: if using Portsentry in "anal" mode, which included ports 80
> > and 110, would accessing the webserver or email cause it to detect and
> > attack and block my IP address? 狢 have deleted those two ports since
> > discovering this but want to understand what really happened.
> 
> If your Portsentry started before Apache could bind to port 80 and Xinetd
> could bind to port 110 ... then yeah. That's what locked you out.
> 
> --
> 
> With best regards,
> 
> Michael Stauber