[nsp-sec] 10Gbps distributed UDP flood against 62.50.74.234 (AS8928)
Rune Sydskjør
rune.sydskjor at uninett.no
Fri Jun 4 02:28:32 EDT 2010
Mike Hellers wrote:
> We have experienced a rather large, and distributed attack against one
> of our customers over the past couple of hours, it is actually still
> going on at this time. We have seen overall traffic levels above 10Gbps,
> mainly UDP traffic from and towards a range of ports.
>
> The targeted host is primarily 62.50.74.234.
>
> I would appreciate to hear if anybody else has some additional
> information they can provide us with, especially if this was controlled
> by known C&C.
I see one host in our network participating in this attack. I've
reported this to our customer, and will filter this out if they do not
take action asap.
Regards,
Rune Sydskjør, UNINETT CERT AS224
More information about the nsp-security
mailing list