Mon Mar 24 17:55:43 UTC 2003
--On Saturday, March 22, 2003 1:52 PM -0700 Vernon Schryver <email@example.com> wrote: > A grossly misconfigured client at 192.168.206.29 has been making > more than 20,000 DCC daily requests of the public DCC servers. > Because that is an RFC 1918 address, it cannot receive any responses. > (It also cannot receive any responses because that address has been > blacklisted.) > > Does anyone have any suggestions on how to find the culprit? > > It's not even close to enough of a problem to use the manual tools > commonly deployed against denial of service attckers, but it would be > nice to identify and fix. Contact your transit provider and ask them to traceback. They'll need to work with their transit providers (if they have any) and their peers. Just another reason for ISPs to actually bother reading RFCs and BCPs.
More information about the DCC