[nsp-sec] dns reflective attack.
Smith, Donald
Donald.Smith at qwest.com
Mon Jan 19 10:46:22 EST 2009
Someone out there has been hitting dns servers with root queries.
The source is spoofed and appears to be a dns reflective amplification attack.
I have a few of the addresses they are spoofing the traffic from:
76.9.16.171, 69.50.142.11, 76.9.31.42 and 69.50.142.110.
Here is a link to the isc.sans.org diary on what is being reported.
http://isc.sans.org/diary.html?storyid=5713
H8Hz
Donald.Smith at qwest.com gcia
More information about the nsp-security
mailing list