[nsp-sec] DSL reports under ddos -- C&C info - AS 9121 (TR)
Smith, Donald
Donald.Smith at qwest.com
Wed Mar 19 18:00:03 EDT 2008
Thanks Ryan for verifying this.
RM=for(1)
{manage_risk(identify_risk(product[i++]) &&
(identify_threat[product[i++]))}
Donald.Smith at qwest.com giac
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Ryan Pavely
> Sent: Wednesday, March 19, 2008 2:18 PM
> To: nsp-security at puck.nether.net
> Subject: Re: [nsp-sec] DSL reports under ddos -- C&C info -
> AS 9121 (TR)
>
> ----------- nsp-security Confidential --------
>
> Ok I lied. Yeah we saw some packet love, low bw high pps,
> between 05:00
> and 09:00 am EST.
>
> (Interface to DslReports in Parsippany, NJ)
>
>
> Sadly my historical netflow archive san is offline this week for
> maintenance else I'd look back at that time frame and independently
> confirm some source/dest info.
>
>
>
> --
> Ryan Pavely
> Director Research And Development
> Net Access Corporation
> http://www.nac.net/ http://www.15minuteservers.com/
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
>
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
More information about the nsp-security
mailing list