[nsp-sec] One Internet, One Olympic Games

[Yonglin ZHOU]

Johe,

As far as I know, the Beijing Olympic Games Official site has more
than 200 mirror sites outside China as a CND network. We don't have
the ip list.
So the attacks targetting the domain name will go to diffrent IPs
according to the source IP.

Maybe the best way is to resolve the domain in your network to get the IPs.

In China, they also have several mirror sites. We are waiting for the
list from Olympic Games Org Committee but not sure whether are
permitted to share out.

Anyway, when attak happens, we will provide info as detailed as we can.

Thank you for the comment, John.

Yonglin.

On Wed, Jul 30, 2008 at 12:09 AM, John Fraizer <john at op-sec.us> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> It would be MUCH easier to profile our traffic to/from the Olympic events if we had a netblock
> to watch traffic to/from.  My flow analysis tools don't take FQDN as a match criteria. :(
>
> John
> AS11456
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
> Comment: Using GnuPG with PCLinuxOS - http://enigmail.mozdev.org
>
> iD8DBQFIj0DC+16lRpJszIgRAmH+AJ9Kon6fKgMhccA2MFllWJMOCAIspwCdEeQ5
> HTcvgGSgUt/wTlvzYb9pVAU=
> =vPy9
> -----END PGP SIGNATURE-----
>



-- 
-------[CNCERT/CC]-----------------------------------------------
Zhou, Yonglin 【周勇林】
CNCERT/CC, P.R.China 【国家计算机网络应急技术处理协调中心】
Tel: +86 10 82990355 Fax: +86 10 82990399 Web: www.cert.org.cn
Finger Print: 9AF3 E830 A350 218D BD2C 2B65 6F60 BEFB 3962 1C64
-----------------------------------------------[CNCERT/CC]-------