[nsp-sec] [ACK 812] 6Gbps (peak) attack ongoing
Philip Taylor
Philip.Taylor at rci.rogers.com
Fri Jun 20 12:35:30 EDT 2008
ACK 812
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Neil Long
Sent: Friday, June 20, 2008 5:37 AM
To: nsp-security NSP
Subject: [nsp-sec] 6Gbps (peak) attack ongoing
----------- nsp-security Confidential --------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi
We just received information regarding a hefty attack (tcp and udp
port 80) where the c&c are
> 195.228.74.242 port 80
> 212.214.41.35 port 53
both in DDoS-RS which we have listed as mail.purplelots.com and
live.jugekid.info in dnsrr
Participating IPs are
https://asn.cymru.com/nsp-sec/upload/1213953493.whois.txt
AS numbers and count for IPs in the above file
22 1
81 1
174 1
209 57
237 2
557 1
600 1
684 11
701 10
703 1
803 2
812 74
1239 7
1249 1
1706 1
1785 2
1916 1
2042 1
2379 17
2497 2
2510 5
2514 2
2516 7
2518 5
2527 1
2711 1
2716 1
2828 12
2915 3
3215 10
3356 5
3462 16
3549 5
3583 1
3593 2
3602 3
3605 1
3663 1
3737 5
3748 1
3758 1
3790 2
3801 1
3816 22
3909 1
4134 22
4181 5
4230 14
4323 10
4385 1
4538 2
4685 3
4691 1
4713 52
4725 6
4732 2
4739 15
4764 2
4766 5
4775 6
4786 1
4802 9
4804 51
4808 8
4812 6
4837 14
5009 2
5056 1
5088 1
5639 7
5645 6
5650 2
5668 9
5690 1
5752 1
5760 1
5769 147
5778 5
6057 3
6079 12
6128 106
6140 6
6147 18
6167 3
6197 6
6198 19
6221 1
6222 2
6298 12
6300 2
6306 1
6315 1
6327 95
6332 9
6383 2
6386 4
6388 3
6389 52
6400 21
6429 4
6453 2
6458 7
6461 1
6478 39
6517 1
6539 2
6621 2
6648 20
6983 2
7011 2
7015 66
7016 19
7017 6
7018 15
7029 9
7098 1
7132 288
7212 1
7228 1
7341 1
7385 2
7418 65
7459 2
7545 30
7552 2
7629 1
7633 1
7643 11
7671 1
7679 2
7718 1
7725 41
7738 81
7757 13
7843 9
7925 1
7992 33
8018 1
8048 61
8065 13
8151 69
8163 2
8167 54
8584 2
8781 1
9241 1
9299 49
9354 2
9365 1
9386 3
9480 1
9498 83
9506 25
9556 4
9583 10
9595 1
9617 1
9658 1
9723 2
9797 1
9812 2
9822 2
9824 4
9829 19
9942 1
10010 1
10021 4
10091 44
10101 1
10113 1
10139 49
10143 9
10201 2
10223 1
10292 4
10297 1
10299 1
10311 16
10396 10
10429 4
10481 20
10507 4
10617 1
10620 10
10796 46
10838 4
10881 1
10910 1
10938 1
10993 1
10994 43
11014 1
11060 15
11081 3
11134 1
11172 4
11175 1
11181 1
11215 2
11242 3
11260 18
11290 15
11311 1
11351 72
11367 1
11398 1
11426 37
11427 60
11492 15
11509 1
11530 2
11556 2
11664 1
11666 1
11707 1
11776 1
11830 7
11913 1
11955 10
11992 4
12026 1
12035 1
12066 2
12083 2
12127 3
12177 1
12231 2
12262 6
12270 1
12271 28
12975 2
13343 44
13367 18
13368 1
13371 1
13385 1
13407 1
13432 12
13451 1
13489 7
13490 4
13560 1
13576 1
13585 1
13609 1
13693 3
13776 1
13787 1
13999 13
14000 1
14051 2
14080 3
14155 1
14188 1
14234 1
14259 5
14265 3
14288 1
14291 1
14311 1
14359 1
14366 2
14472 1
14502 1
14522 1
14550 1
14566 1
14615 1
14638 5
14677 1
14729 1
14751 1
14758 2
14793 1
14905 2
14921 3
14989 1
15146 9
15180 4
15290 3
15305 1
16467 1
16586 5
16629 2
16718 4
16735 4
16787 1
16796 1
16810 1
16814 7
16831 1
16889 1
16904 1
16960 4
16988 1
17093 1
17126 1
17184 2
17222 2
17310 1
17379 4
17401 2
17488 5
17506 2
17511 2
17529 1
17565 16
17623 1
17639 2
17676 13
17698 2
17747 1
17805 1
17816 1
17883 1
17895 1
17897 2
17962 1
17974 7
18026 1
18104 1
18114 1
18182 2
18200 2
18207 6
18221 1
18229 1
18390 1
18396 3
18494 1
18503 1
18563 1
18566 4
18747 3
18809 5
18812 2
18881 37
18940 1
18943 1
18988 1
19016 2
19090 11
19108 20
19114 1
19115 3
19130 1
19169 1
19182 4
19250 1
19262 2
19292 1
19429 18
20001 40
20015 1
20115 21
20124 1
20191 1
20214 59
20231 3
20299 4
20456 1
21508 16
21515 1
21548 1
21565 1
21580 1
21677 1
21686 1
21688 1
21724 1
21804 1
21864 1
21947 1
21949 1
22011 1
22019 1
22047 73
22085 1
22258 14
22291 24
22313 1
22318 1
22368 1
22402 1
22541 1
22566 2
22689 2
22709 1
22759 1
22773 63
22781 1
22799 1
22833 6
22927 43
22950 1
23100 1
23106 5
23184 6
23682 2
23693 1
23832 1
23851 1
24139 1
24186 1
24314 1
24321 1
24326 29
24536 1
24731 3
25019 11
25233 3
25620 1
25710 1
25983 1
25994 2
26091 1
26166 1
26579 1
26596 2
26599 3
26790 1
26793 1
26900 1
27306 1
27364 10
27375 1
27568 1
27650 1
27656 1
27665 2
27695 1
27699 88
27716 1
27724 2
27725 1
27737 1
27747 1
27751 1
27757 1
27805 3
27831 1
27879 1
27937 1
28280 1
28285 1
28300 1
28349 2
28509 1
28512 1
28573 77
28611 3
28615 1
28648 1
29160 1
29737 3
29765 1
29859 3
29895 7
29933 1
29974 1
30101 1
30160 3
30336 3
30407 2
30462 1
30612 1
30689 2
31416 1
32020 1
32098 2
32107 3
32244 1
32277 3
32448 2
32480 1
32703 1
32706 1
32757 1
32939 1
32984 3
33038 1
33170 1
33287 88
33363 1
33490 31
33491 95
33545 3
33638 1
33650 33
33651 69
33652 33
33653 1
33654 3
33655 2
33657 36
33659 7
33660 10
33662 20
33666 3
33667 5
33668 38
34397 2
34426 1
36253 1
36351 1
36423 4
36727 19
36817 1
37925 1
37967 1
37992 1
37995 1
40064 1
40099 1
40246 1
40285 1
40309 1
40312 1
40473 1
42298 8
43373 1
64351 8
- --
Neil Long, Team Cymru
http://www.cymru.com | +1 312 924 4022 | neil at cymru.com
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.0.6 (Build 6060)
iQEVAwUBSFt6O9gB4lhqRtnkAQI4eQgA3xccjv0LD3IhuJeAPNxJt4A5IpIoam44
HLEBXwLE5L5WR0ulewX99z9PFqgysZbReGgCeM7ffG1JJM46inkwgFm8Yg6fR3um
UWqNW+RkSP4uKK/USiuZT/iM0FXS/VUTjHI21f2DXrQvS/muGOCYQ6Y8a7s/kObK
PINy76OeplXiMxrf1cXcpjTA7W6UOb9f5Wo6J7bcUiAZ2kcuwpIMswDXb/XL0Nf+
YQukqogLp/fYGT2Ji0L5iqyuxmzZVHkSYMeFaIjih85n7EQm2ZrnKujuk5YQZ2iJ
KPemKLvbeT95Y1k+CCX5GHdCG3tUdWwa3igB1Ql+iH/3guSNMs5/BQ==
=PhCa
-----END PGP SIGNATURE-----
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security community. Confidentiality is essential for effective
Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list