February 17th, 2003, 04:07 PM
AOs IP's ???
Tell you what I've been kicked of the net by a fool using a SYN DoS attack . It's not a big deal coze a proper configuration of my firewall based on the IP (spoofed) source of my attacker did work (I've been lucky the bloody "#!&?§ kid that attack is far to be blackhat).
I have 2 questions for the AO community:
1- I really enjoy AO , I learnt a lot and hopefully will! But ...
May I exclude that the attacker is AO member (At this time it was the only forum I was in!). In another word. Does any AO member may learn my IP@ (like in classic IRC)???
I don't see any reason why a AO wanted to kick my ass out, it's probably a kid playing with nmap on random address, but I wanted to make it sure!
2- This happened on my home PC. I'm thinking of changing my OS to linux although my wife & children are against its "non-user friendly interface" becoze Netfilter seems to be very more effective , powerful and flexible tool to use than the classical ZoneAlarm (& free of charge).
I read somewhere (I don't remember where) that Linux accept up to 5 simultaneous TCP connections on 1 port, protecting the kernel from crashing on buffer overflow under SYN flood attacks . MSWindows in an other hand has no such SYN limitation.
Is that true? And is this limiting parameter modifiable?
[shadow] SHARING KNOWLEDGE[/shadow]
February 17th, 2003, 04:16 PM
I'm not an irc-specialist but I do think you can filter out someones DNS from some info, while chatting. I could be wrong, but then again I'm not a specialist on this topic.
I would never think it was an AO-er that did the attack, but you'll never know....
Most of the guys I know from here wouldn't do this....I think
February 17th, 2003, 04:43 PM
ao members dont have acces to the server logs to see your ip when your in the forums. So i doubt its someone here unless its one of our kiddies that just happened to be scanning your ip range. i didn't notice any obvious links in your profile so inless you linked a graphic from your server or gave your ip in a thread the odds are really against it coming from one of us.
Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”
February 17th, 2003, 11:21 PM
i know on irc, yahoo mail and stuff like that if you go to the command line and run nbtstats , and send them a message directly, it will give their ip. i assume that works with AO
Did curiousity really kill the cat, or is that just what they want you to think?
February 17th, 2003, 11:34 PM
Uhm, I heard about a simple but efficient way to obtain some IPs on forums like this one (I never tried it but it could work on virtually any forum I think). As I don't want to give even a little weapon into the script kiddie's hands who will probably read this thread, I will send you a PM.
If someone wants explanations, you can PM me about it.
edit: after thinking, I think my method will not work on AO. I should verify this.
edit2: rethinking about it and considering a function I have forgotten, I think it can finally work on AO.
Life is boring. Play NetHack... --more--