[nsp-sec] Got traffic? - DDoS towards 80.239.232.152
sthaug at nethelp.no
sthaug at nethelp.no
Thu May 20 16:25:37 EDT 2010
> Could really use some help here.
>
> ICMP/UDP and TCP Syn flood against 80.239.232.152, most likely spoofed.
>
> Anyone got anything?
Got a few likely sources here. Looks like SYN flooding and quite a bit
of large/fragmented UDP. Likely sources don't seem to be spoofed:
77.110.199.152 TCP
81.191.50.8 UDP and TCP
82.146.66.105 UDP
193.90.236.189 UDP
195.18.164.66 UDP
What would you like to have done with the traffic?
Steinar Haug, AS 2116 / 3307
More information about the nsp-security
mailing list