[nsp-sec] Twitter/LJ attack sources
Smith, Donald
Donald.Smith at qwest.com
Fri Aug 7 08:28:10 EDT 2009
No problem.
Based on what was posted (scrubbers flow) and my own netflow it didn't appear to be a typical "ddos" attack.
(coffee != sleep) & (!coffee == sleep)
Donald.Smith at qwest.com gcia
________________________________________
From: Bill Woodcock [woody at pch.net]
Sent: Thursday, August 06, 2009 6:13 PM
To: Smith, Donald
Cc: 'Nicholas Ianelli'; 'nsp-security at puck.nether.net'
Subject: RE: [nsp-sec] Twitter/LJ attack sources
> Woody, I checked those ips against a set I had from an attack yesterday but only got three matches. Not very good correlation between two lists of nearly 2k attackers so I suspect it is totally unrelated.
Sorry, that was Facebook's list of inbound sources, before they realized
it was a joe job, so they didn't know they wouldn't be seeing repeat
traffic from them. Just users clicking on links. :-/
Sorry I've been offline and unable to reply earlier.
-Bill
More information about the nsp-security
mailing list