Comments on: New wave of nuwars storming in http://blogs.mcafee.com/mcafee-labs/new-wave-of-nuwars-storming-in Tue, 29 Nov 2011 07:51:20 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Pablo Barrachina http://blogs.mcafee.com/mcafee-labs/new-wave-of-nuwars-storming-in/comment-page-1#comment-11307 Pablo Barrachina Fri, 31 Aug 2007 18:48:28 +0000 http://blogs.mcafee.com/2007/08/07/new-wave-of-nuwars-storming-in/#comment-11307 We are an ISP in Spain and we have been receiving an extrange DOS atact that is growing since yesterday. This is the only reference I found to explain the problem. Let me explain the case. The attack is performed to the mail server, the connection is open but never closed by the client side. The connection is closed by the mailserver after timeout. With this method they exhaust sockets rapidly. We have been identifying infected Ip at a rate of 16.000 per hour Today. It was about 8000 yesterday. What will it be on Monday? We have been managing the situacion but this is can get worse as people comes back from summer holidays next Monday. I would like to know if there any other suffering this. Pablo Barrachina http://www.digitalvalue.es/ We are an ISP in Spain and we have been receiving an extrange DOS atact that is growing since yesterday. This is the only reference I found to explain the problem.

Let me explain the case. The attack is performed to the mail server, the connection is open but never closed by the client side. The connection is closed by the mailserver after timeout. With this method they exhaust sockets rapidly.

We have been identifying infected Ip at a rate of 16.000 per hour Today. It was about 8000 yesterday. What will it be on Monday? We have been managing the situacion but this is can get worse as people comes back from summer holidays next Monday.

I would like to know if there any other suffering this.

Pablo Barrachina
http://www.digitalvalue.es/

]]> By: omarg http://blogs.mcafee.com/mcafee-labs/new-wave-of-nuwars-storming-in/comment-page-1#comment-11306 omarg Fri, 10 Aug 2007 05:06:14 +0000 http://blogs.mcafee.com/2007/08/07/new-wave-of-nuwars-storming-in/#comment-11306 sound very nasty :( > We are keeping our eyes open! You mean, you cannot sleep now after seeing this? sound very nasty :(

> We are keeping our eyes open!

You mean, you cannot sleep now after seeing this?

]]> By: alex http://blogs.mcafee.com/mcafee-labs/new-wave-of-nuwars-storming-in/comment-page-1#comment-11305 alex Thu, 09 Aug 2007 18:59:39 +0000 http://blogs.mcafee.com/2007/08/07/new-wave-of-nuwars-storming-in/#comment-11305 install ubuntu and live happy :) install ubuntu and live happy :)

]]> By: Traci http://blogs.mcafee.com/mcafee-labs/new-wave-of-nuwars-storming-in/comment-page-1#comment-11304 Traci Wed, 08 Aug 2007 17:31:35 +0000 http://blogs.mcafee.com/2007/08/07/new-wave-of-nuwars-storming-in/#comment-11304 How do we then destroy this if we have been infected? How do we then destroy this if we have been infected?

]]>