[nsp-sec] Anyone seeing any "packet love/DOS" headingfor 64.75.15.144?

Barry Raveendran Greene bgreene at senki.org
Wed May 6 12:58:49 EDT 2009 

Yep. I think that is related. It would also explain the lack of a clear
crime vector. This could be a grey hat reaction. 
 

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net 
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of 
> Chris Calvert
> Sent: Wednesday, May 06, 2009 9:30 AM
> To: 'Barry Greene'; 'nsp-security at puck.nether.net'
> Subject: Re: [nsp-sec] Anyone seeing any "packet love/DOS" 
> headingfor 64.75.15.144?
> 
> ----------- nsp-security Confidential --------
> 
> Perhaps related to?
> http://www.h-i-r.net/2009/05/oprah-queen-of-sheeple-promotes-m
alware.html
> 
> I poked around a bit, but not seeing much of anything in 
> terms of flow from my Internet customers to that IP on any 
> service (caveat: sampled).
> 
> Chris
> 
> > -----Original Message-----
> > From: nsp-security-bounces at puck.nether.net
> > [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Barry 
> > Greene
> > Sent: Tuesday, May 05, 2009 7:30 PM
> > To: nsp-security at puck.nether.net
> > Subject: [nsp-sec] Anyone seeing any "packet love/DOS" 
> > heading for 64.75.15.144?
> > 
> > ----------- nsp-security Confidential --------
> > 
> > Hi Team,
> > 
> > Coupons.com is getting hit by a state orient DDOS attack (target 
> > 64.75.15.144). Some of the sources see thus far are:
> > 
> > 8.18.65.21
> > 8.5.245.39
> > 129.176.151.25
> > 12.36.123.2
> > 130.13.10.227
> > 
> > This is interfering with a "free food" campaign (i.e. legit 
> customers 
> > logging on to get a coupon for free food).
> > 
> > Any info would be helpful,
> > 
> > Thanks,
> > 
> > Barry Raveendran Greene
> > Director, Juniper Security Incident Response Team (SIRT)
> > 
> > Tel (Office): +1 408 936-6887
> > Tel (Cell): +1 408 218-4669
> > E-mail: bgreene at juniper.net
> > ! 
> > Chat Locations:
> > AIM: Barry R Greene
> > MSN: BarryRGreene
> > Yahoo: BarryRGreene
> > Skype: barrygreene
> > Jabber: barryrgreene at jabber.tisf.net
> > MSN: BarryRGreene at hotmail.com
> > 
> > PGP: 0x16BF45F3
> > 
> > 
> > 
> > _______________________________________________
> > nsp-security mailing list
> > nsp-security at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/nsp-security
> > 
> > Please do not Forward, CC, or BCC this E-mail outside of the 
> > nsp-security community. Confidentiality is essential for effective 
> > Internet security counter-measures.
> > _______________________________________________
> > 
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the 
> nsp-security community. Confidentiality is essential for 
> effective Internet security counter-measures.
> _______________________________________________
>

More information about the nsp-security mailing list