[nsp-sec] UDP DDoS to PDNS1.ULTRADNS.NET and PDNS5.ULTRADNS.INFO

David Freedman david.freedman at uk.clara.net
Thu Jun 18 12:52:54 EDT 2009 

ACK 8426 

------------------------------------------------
David Freedman
Group Network Engineering 
Claranet Limited
http://www.clara.net



-----Original Message-----
From: nsp-security-bounces at puck.nether.net on behalf of Nicholas Ianelli
Sent: Thu 6/18/2009 17:45
To: NSP-SEC List
Subject: Re: [nsp-sec] UDP DDoS to PDNS1.ULTRADNS.NET and PDNS5.ULTRADNS.INFO
 
----------- nsp-security Confidential --------

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is the actual full list:

https://asn.cymru.com/nsp-sec/upload/1245339888.whois.txt

time range was from 12:56 to 15:18 UTC.

Nick

Nicholas Ianelli wrote:
> ----------- nsp-security Confidential --------
> 
> 
> Name:    PDNS5.ULTRADNS.INFO
> Address:  204.74.114.1
> 
> Name:    PDNS1.ULTRADNS.NET
> Address:  204.74.108.1
> 
> UDP traffic destined to ports 0-5119, majority of packets were of a size
> 1.15kbytes/packet
> 
> This appears to be spoofed, still interested in what anyone can find.
> I've included a list of hosts seen participating in this attack. The
> data is valid from 1420 GMT to 1450 GMT on 2009.06.18
> 
> Cheers,
> nick
> 

_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security

Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________



- --
Nicholas Ianelli: NeuStar, Inc.
Security Operations

46000 Center Oak Plaza Sterling, VA 20166
+1 571.434.4691 - http://www.neustar.biz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iEYEARECAAYFAko6b0EACgkQi10dJIBjZIBZwACdG5hlAKz0vpsq7+qBL760J5D3
w7MAnij/roW/FBUCaVnj51KueyyzxvEC
=TKQt
-----END PGP SIGNATURE-----


_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security

Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________

More information about the nsp-security mailing list