[nsp-sec] Shopify (204.15.199.4) under fire, got C&C?
Scott A. McIntyre
scott at xs4all.net
Tue Mar 24 13:02:45 EDT 2009
Hi,
The folks over at Shopify are catching a reasonable sized 80/tcp
synflood. Target is 204.15.199.4. We've been seeing a fair bit of
backscatter here, starting around 2009-03-24 15:54:37.075 UTC+0100.
Anyone happen to see in their flows actual traffic from their part of
the world and, better still, indication of what/where/who the C&C is?
Much obliged on behalf of Interested Parties,
Scott A. McIntyre
XS4ALL Internet B.V.
More information about the nsp-security
mailing list