A DoS, Denial of Service attack floods a particular port with requests
that are never answered. The result is your os (server,router,portmaster)
ends up with a bunch of open requests that eat up memory.
Most DoS attacks use a spoofed address, nonroutable existing address, to
hide their source. We have found that this causes a number of ICMP
redirects in the syslog file. We'll then go to the router and ban that
particular ip. The bad thing about a DoS attack is that it mimics an
actual request for service.
Now, how this applies to the portmaster I don't know. A portmaster only
provides a basic function. Its possible to deny telnet access but that
doesn't shut the portmaster down. Up to know I really hadn't thought it
possible to do a DoS attack on a portmaster and actually take it off line.
I would ask the question: Was the root password compromised?
Rob
Systems Programmer "Open the doors of your stores
rob@fgi.net 24 hours a day"
morgan@springpatch.com Springpatch Mall
http://www.springpatch.com