[nsp-sec] DDoS targeting 77.87.225.2
Chris Calvert
Chris.Calvert at telus.com
Thu Jul 16 11:38:06 EDT 2009
For the record, I'm not seeing anything malicious for AS852. Any leads?
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
> bounces at puck.nether.net] On Behalf Of Thomas Hungenberg
> Sent: Thursday, July 16, 2009 4:30 AM
> To: nsp-sec
> Subject: [nsp-sec] DDoS targeting 77.87.225.2
>
> ----------- nsp-security Confidential --------
>
> Hi teams,
>
> there is an ongoing tcp syn flood attack (starting ~ 23.30 UTC last night)
> targeting 77.87.225.2:80 (www.deutschland.de).
>
> It appears the source IPs are not spoofed. Most of the sources are within
> 187/8, 189/8, 190/8, 200/8 and 201/8.
>
> Anyone having any background info on this?
>
>
> - Thomas
>
> CERT-Bund Incident Response & Anti-Malware Team
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list