[nsp-sec] attack at 94.136.45.251/32 & 94.136.45.252/32 - high bandwidth compromised hosts
Steve Colam
steve.colam at gxn.net
Tue Oct 13 16:54:31 EDT 2009
Hi People,
We've got a 4-6gb 400k pps attack going on at 94.136.45.251/32 & 252/32
These are the worst attack srcs, big speeds, worthy of investigation - especially
83.168.205.102
Times taken approx 20:45 GMT0
15244 | 74.50.1.185 | 0.39 Gbps 34.53 kpps | ADDD2NET-COM-INC-DBA-LUNARPAGES - Lunar Pages
15244 | 74.50.7.45 | 0.20 Gbps 17.63 kpps | ADDD2NET-COM-INC-DBA-LUNARPAGES - Lunar Pages
17974 | 203.130.233.56 | 0.09 Gbps 7.88 kpps | TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
20473 | 66.55.132.6 | 0.10 Gbps 8.90 kpps | AS-CHOOPA - Choopa, LLC
21844 | 174.120.0.194 | 0.25 Gbps 22.08 kpps | THEPLANET-AS - ThePlanet.com Internet Services, Inc.
22384 | 66.115.173.12 | 0.14 Gbps 12.45 kpps | NATIONALNET-1 - NationalNet, Inc.
29550 | 92.48.69.177 | 0.51 Gbps 44.25 kpps | EUROCONNEX-AS Blueconnex Networks Ltd
32475 | 99.198.112.106 | 0.24 Gbps 21.00 kpps | SINGLEHOP-INC - SingleHop
35041 | 83.168.205.102 | 0.87 Gbps 76.55 kpps | NET-CRYSTONE-STHLM Crystone Autonomous Network Stockholm
Many thanks,
Steve @ AS5413
--
Steve Colam
Head of Network Operations
Vialtus Solutions Mobile: +44 797 153 4844
steve.colam at vialtus.com Direct: +44 208 587 6271
PGP Key ID: 0x1C19D542 http://www.vialtus.com/
More information about the nsp-security
mailing list