[nsp-sec] ACK 21844 Re: heads up ThePlanet 21844

Chris Newcomb chris at abuse.ev1servers.net
Fri Sep 26 09:23:43 EDT 2008 

Thanks..

Chris Morrow wrote:
> ----------- nsp-security Confidential --------
> 
> 
> This came up amongst the atrivo conversations on nanog today, someone
> ('term' from NZ) getting some udp lovin from 4-5 'the planet' ip addrs,
> logs below, but condensed to:
> 
>> I can give you the source address's
>> 66.98.198.57
>> 66.98.198.73
>> 67.15.10.34
>> 207.44.228.86
>>
>> (Current) Destination address's are
>> 58.28.4.2
>> 58.28.6.2
> 
> Hopefully this has already popped up on your arbor console :)
> 
> -Chris
> just passing it along... :)
> 
> show firewall log detail
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 207.44.228.86:40582, Destination address: 58.28.4.2:19182
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 66.98.168.73:32812, Destination address: 58.28.4.2:38827
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 207.44.228.86:40582, Destination address: 58.28.4.2:23739
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 207.44.228.86:40582, Destination address: 58.28.4.2:38318
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 66.98.168.73:32812, Destination address: 58.28.4.2:35286
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 66.98.198.57:40300, Destination address: 58.28.6.2:19062
> Time of Log: 2008-09-26 13:36:23 NZST, Filter: pfe, Filter action:
> discard, Name of interface: ge-2/0/0.402
> Name of protocol: UDP, Packet Length: 29, Source address:
> 66.98.168.73:32812, Destination
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________

More information about the nsp-security mailing list