- Joined
- Oct 31, 2001
- Location
- Lost Angeles
Hey all,
I have a good problem here at work. Our LAN is a 1.1MB ADSL (Covad line) using a Netopia Router, a SonicWall Pro firewall, a D-Link DSS24+ 'smart' switch, and W2K adv. server running DHCP, DNS, and NAT. The LAN is connected to our bosses home via a T-1 line via Cisco 1000 routers.
So here's the problem: I have an end user on the other side of the T-1 who has three G4's and running his own subnet of DHCP addresses and he is getting hammered by DOS attacks.
I have no idea how his G4's are being singled out, or how the packets are getting through our gateway router, the switch, the local Cisco, the T-1, the WAN Cisco, his Linksys router/switch.
Anyone know how an attack can single out a particular set of machines through two subnets of DHCP? I'm assuming it's a MAC address thing, or maybe there are these packets cruising my network without my knowledge which would mean I'd need a quick, easy, and hopefully free program to test LAN traffic.
Any help would be appreciated.
Wedo
I have a good problem here at work. Our LAN is a 1.1MB ADSL (Covad line) using a Netopia Router, a SonicWall Pro firewall, a D-Link DSS24+ 'smart' switch, and W2K adv. server running DHCP, DNS, and NAT. The LAN is connected to our bosses home via a T-1 line via Cisco 1000 routers.
So here's the problem: I have an end user on the other side of the T-1 who has three G4's and running his own subnet of DHCP addresses and he is getting hammered by DOS attacks.
I have no idea how his G4's are being singled out, or how the packets are getting through our gateway router, the switch, the local Cisco, the T-1, the WAN Cisco, his Linksys router/switch.
Anyone know how an attack can single out a particular set of machines through two subnets of DHCP? I'm assuming it's a MAC address thing, or maybe there are these packets cruising my network without my knowledge which would mean I'd need a quick, easy, and hopefully free program to test LAN traffic.
Any help would be appreciated.
Wedo
Any ideas?
