[nsp-sec] qwest user is misbehaving...

[Smith, Donald]

Justin, I will check and see if I can tell what is going on.
Do you have any additional details wrt this traffic?


RM=for(1)
{manage_risk(identify_risk(product[i++]) &&
(identify_threat[product[i++]))}
Donald.Smith at qwest.com giac 

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net 
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of 
> Justin M. Streiner
> Sent: Wednesday, March 26, 2008 11:48 AM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] qwest user is misbehaving...
> 
> ----------- nsp-security Confidential --------
> 
> If someone from Qwest is about, you may want to take a peek at 
> 71.209.76.145, which from its DNS appears to be a DSL user in 
> Cheyenne, 
> WY.
> 
> He's sending out some pretty aggressive ICMP/8 traffic to a 
> scatter-shot 
> of hosts over here in AS4130.  I have him stopped at our 
> borders, but he 
> was definitely making our DNS servers unhappy before I put 
> the filters in.
> 
> If someone with clue and enable could take a peek and "show 
> this person 
> the path to enlightenment" I'd be quite appreciative :)
> 
> jms
> 
> Network Engineer
> University of Pittsburgh - AS4130
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the 
> nsp-security
> community. Confidentiality is essential for effective 
> Internet security counter-measures.
> _______________________________________________
> 
> 


This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful.  If you have received this communication 
in error, please immediately notify the sender by reply e-mail and destroy 
all copies of the communication and any attachments.