|
-
Jun 20th, 2005, 12:46 AM
#1
What is a TCP Flood
I got a security alert from my phizical firewall (to my e-mail)
It says the time and my comptuer's IP, and another IP (destination IP I guess ?)
So, what is a TCP Flood, and why is that a security risk ?
What happeds when the TCP Floods ?
Thanks
-
Jun 20th, 2005, 01:59 AM
#2
Re: What is a TCP Flood
It is a type of DoS attack. You probably have some spyware or virus (trojan) that is constantly sending packages to a destination trying to bring down an other computer. If it is a virus, then many people might have the same problem as you, and when many computers flood the same IP it is called a DDoS attack.
You should try to get rid of it as fast as possible.
ØØ
-
Jun 20th, 2005, 02:15 PM
#3
Re: What is a TCP Flood
Thanks for the reply,
I found the problem.
I did a "tracert" to the remote IP, and found out that it's actually a web-site I visited. (Actually a program I made  )
I made the program to download all pictures on the web-site I tell it to 
I guess the firewall detects a TCP Flood because it's doing it fast ?
-
Jun 21st, 2005, 01:42 AM
#4
Re: What is a TCP Flood
If the program is making lots of HTTP requests then it is possible that the firewall detects it as a DoS attack. Does the program still work properly?
-
Jun 21st, 2005, 02:05 AM
#5
Re: What is a TCP Flood
 Originally Posted by CVMichael
I guess the firewall detects a TCP Flood because it's doing it fast ?
Yeah, as VisualAd says, that is probably why. Many calls to the same IP is more or less the definitoin of DoS...
ØØ
-
Jun 21st, 2005, 09:48 AM
#6
Re: What is a TCP Flood
Yes, the program works properly....
Well, I made it download the pictures with INet control, and it's not multithreaded either... so it does not download more than one picture at one time... so it's not THAT fast. It's just fast compared with a user (when downloading manually), but I doubt it's as fast so that the firewall would detect a DDoS attack...
Actually, now that I thought about this more, at the same time my program was downloading I was browsing the website using Avant Browser, wich i think it IS multithreaded. Yea, the browser is more likely that created the TCP Flood...
Well, anyways...
I have Norton AntiVirus installed, and up do date, and the Windows AntiSpyware (for windows XP), so i'm sure one of them would detect a virus or spyware program...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote
