[nsp-sec] Potential Wikileaks related DDoS traffic
Jan Boogman
boogman at ip-plus.net
Fri Dec 10 10:04:42 EST 2010
Hi Daniel
we got our fair share of the attack against postfinance.ch last tuesday.
Some numbers:
attack volume about 150Mbps / 300kpps peak during 16 hours
95% of the attack entered our network in the US
about 90% of the traffic was sourced by these (probably spoofed) 5 src IPs:
72.9.153.142/32
128.138.6.213/32
109.169.67.110/32
81.169.145.25/32
213.114.73.229/32
Cheers
Jan
Swisscom
Am 09.12.2010 um 20:55 schrieb Daniel Schwalbe:
> ----------- nsp-security Confidential --------
>
>
> Does anybody have a read on which IPs or ASs are being targeted for the reportedly ongoing DDoS related to Wikileaks?
>
> Any idea about real numbers of volume of traffic involved, or is it just the media blowing things out of proportion again?
>
> Thanks!
> -Daniel
>
> --
> Daniel Schwalbe, CISSP, CISM, CIPP
> Assistant Director of Security Services
> Office of the CISO
> University of Washington
> Phone +1(206) 685-8210 | Email dfs at uw.edu
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list