[nsp-sec] DSL reports under ddos -- C&C info - AS 9121 (TR)
Jose Nazario
jose at arbor.net
Wed Mar 19 10:00:57 EDT 2008
DSL reports are saying that they're managing to weather the attack through
/32 filtering. over 1100 /32s filtered ...
the attack is an HTTP GET flood, so no spoofing is going on. if you're IP
is on their list (published in google docs) it's worth investigating in my
estimation.
thanks everyone
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
security researcher, office of the CTO, arbor networks
v: (734) 821 1427 http://asert.arbornetworks.com/
More information about the nsp-security
mailing list