The Boston Diaries

The ongoing saga of a programmer who doesn't live in Boston, nor does he even like Boston, but yet named his weblog/journal “The Boston Diaries.”

Go figure.

Wednesday, October 25, 2000

I'm under a wierd network attack. I'm seeing the following:

S:00C07B4D7D81 D:00806981001F  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00806981001F D:00C07B4D7D81  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00C07B4D7D81 D:00806981001F  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00806981001F D:00C07B4D7D81  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00C07B4D7D81 D:00806981001F  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00806981001F D:00C07B4D7D81  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00C07B4D7D81 D:00806981001F  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00806981001F D:00C07B4D7D81  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00C07B4D7D81 D:00806981001F  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038
S:00806981001F D:00C07B4D7D81  IPv4        S:163.153.172.6   D:208.26.72.31     ICMP    echo request	1038

Ad nasuem. 00:C0:7B:4D:7D:81 is the ISDN unit, and 00:80:69:81:00:1F is the terminal server I have, which Mark used to dial into, until he got IDSL. I turned the terminal server off, and I'm still seeing echo requests from 163.153.172.6 coming in, every three seconds or so. There's nothing in the packets (just zeros) which is odd. I can't traceroute to 163.153.172.6 so it's probably forged source packets.

The destination IP address is interesting—it was Mark's broadcast address, which leads me to think this is a so called smurf attack.

Obligatory Picture

[It's the most wonderful time of the year!]

Obligatory Contact Info

Obligatory Feeds

Obligatory Links

Obligatory Miscellaneous

You have my permission to link freely to any entry here. Go ahead, I won't bite. I promise.

The dates are the permanent links to that day's entries (or entry, if there is only one entry). The titles are the permanent links to that entry only. The format for the links are simple: Start with the base link for this site: https://boston.conman.org/, then add the date you are interested in, say 2000/08/01, so that would make the final URL:

https://boston.conman.org/2000/08/01

You can also specify the entire month by leaving off the day portion. You can even select an arbitrary portion of time.

You may also note subtle shading of the links and that's intentional: the “closer” the link is (relative to the page) the “brighter” it appears. It's an experiment in using color shading to denote the distance a link is from here. If you don't notice it, don't worry; it's not all that important.

It is assumed that every brand name, slogan, corporate name, symbol, design element, et cetera mentioned in these pages is a protected and/or trademarked entity, the sole property of its owner(s), and acknowledgement of this status is implied.

Copyright © 1999-2023 by Sean Conner. All Rights Reserved.