[nsp-sec] DDOS against 128.8.164.46 (University of Maryland/AS27)
Gerry Sneeringer
sneeri at umd.edu
Fri Apr 3 11:32:29 EDT 2009
A short while ago (13:15-14:00 UTC), a compromised box (connected into
Undernet IRC, but were still sorting out why) here at Maryland took a
pounding from a relatively small number of attackers scattered across
the planet. The attack consisted of UDP packets with a single byte of
payload.
The attacking IP addresses were:
2519 | 202.215.176.199 | VECTANT VECTANT Ltd.
2856 | 86.136.194.193 | BT-UK-AS BTnet UK Regional network
4713 | 220.110.37.42 | OCN NTT Communications Corporation
4750 | 203.146.102.38 | CSLOXINFO-ISP-AS-AP CSLOXINFO Public Company Limited.
4788 | 218.208.91.111 | TMNET-AS-AP TM Net, Internet Service Provider
4808 | 202.108.251.99 | CHINA169-BJ CNCGROUP IP network China169 Beijing Province Network
7643 | 203.210.192.154 | VNN-AS-AP Vietnam Posts and Telecommunications (VNPT)
7678 | 210.166.216.34 | PROX Prox System Design Inc.
8708 | 86.125.13.166 | RDSNET RCS & RDS S.A.
9371 | 219.94.152.68 | SAKURA-C SAKURA Internet Inc.
17139 | 205.134.240.35 | CORPCOLO - Corporate Colocation Inc.
19262 | 68.236.111.24 | VZGNI-TRANSIT - Verizon Internet Services Inc.
19871 | 205.178.186.109 | NETWORK-SOLUTIONS-HOSTING - Network Solutions, LLC
Gerry Sneeringer
University of Maryland
Office of Information Technology
More information about the nsp-security
mailing list