Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: WhatsUP DOS attack

  1. #11
    Join Date
    Oct 2006
    Location
    SLC, UofU
    Beans
    684
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: WhatsUP DOS attack

    Someone probably did a scan with whatsup, and didn't set any limits. Once a machine is configured in whatsup, it will continue to scan that machine unless told otherwise. It can be configured to scan specific ports and web pages for uptime. Add an access directive to your apache configuration to block it, though it doesn't look like any pages are being served anyway...
    --Superb--

  2. #12
    Join Date
    Apr 2006
    Beans
    23
    Distro
    Kubuntu 7.10 Gutsy Gibbon

    Re: WhatsUP DOS attack

    i would go strate to him not like its doing any harm, just ask to to exit the program or/and uninstall it (asumeing windows PC)

    if you do not want to just black list his ip on the router (asumeing thats running linux and you have access to it) he will come to you and you can just say this IP was attacking an computer on the network so it blocked it on its own to stop it

    is its your boss pc or somthing

  3. #13
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    5,793
    Distro
    Xubuntu 15.04 Vivid Vervet

    Re: WhatsUP DOS attack

    My guess is that Whatsup did an automatic discovery of things on the network and started polling them periodically to make sure they are still working. If the web service stops, an icon on whatsup will change colour to indicate a failure.

    Autodiscovery is a quick and easy way to begin monitoring a network for failures by network admin staff.

  4. #14
    Join Date
    Jun 2007
    Location
    Porirua, New Zealand
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: WhatsUP DOS attack

    Quote Originally Posted by cjtjamandra View Post
    So you mean it's not a DOS attack? Then why it is accessing my apache server?
    BTW I'm aware of at least two meanings for the acronym "DOS" (Disk Operaging System and Denial Of Service) but the team here is probably aware of that. I remember being vaguely baffled at first by talk of "COM" files for Windows (again, more than one meaning, COMmand and COMponent)

    p.s Please go easy on me - perhaps the literal-minded autistic side to my makeup is making a nuisance of itself
    Forum DOs and DON'Ts
    Never assume that information you find using a search engine is up-to-date.

  5. #15
    Join Date
    Jan 2008
    Beans
    66

    Re: WhatsUP DOS attack

    thanks for the clarifications.. now iam more aware about this WhatsUp thing.

    what i have done is block that ip using iptables...

    But iam still confused, can WhatsUp be used as a Denial of Service attack?

  6. #16
    Join Date
    Oct 2006
    Location
    SLC, UofU
    Beans
    684
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: WhatsUP DOS attack

    Technically, yes, sortof.
    Realistically, no, not really.
    --Superb--

  7. #17
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    5,793
    Distro
    Xubuntu 15.04 Vivid Vervet

    Re: WhatsUP DOS attack

    It's not an attack tool. It's a monitoring tool. It checks periodically to see if your web service is still there and working by sending a GET /.

    You can use it to find the devices on the network that are running common services (like HTTP) but that's discovery, not an attack. That info might help someone who wants to do an attack, but its a mighty poor way to reap that information if attacking is your objective. Nessus or nmap would bore likely be an attackers tool of choice.

Page 2 of 2 FirstFirst 12

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •