[nsp-sec] Multiple DDoS attacks
Matthew.Swaar at us-cert.gov
Matthew.Swaar at us-cert.gov
Mon Jul 6 18:18:11 EDT 2009
Yes to both. The volume of total traffic is large enough that I'm
struggling to define what is attack and what is normal or incidental.
The UDP-80 was the first thing I pushed out because it was the simplest
to identify/isolate.
>Out of curiosity, mixed with these syn floods are you seeing valid HTTP
>GETS / and some ICMP floods?
>
>-dave
Very Respectfully,
US-CERT Ops Center
703-235-5111
POC: Matt Swaar - Analyst
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Dave Mitchell
Sent: Monday, July 06, 2009 6:01 PM
To: Tim Wilde
Cc: nsp-security at puck.nether.net
Subject: Re: [nsp-sec] Multiple DDoS attacks
----------- nsp-security Confidential --------
More information about the nsp-security
mailing list