[nsp-sec] DDoS target intel/info request.
Scott A. McIntyre
scott at howyagoin.net
Mon Dec 19 01:53:38 EST 2011
Hi all,
For NSP-SEC eyes only, so please don't cross/repost this with others (a
specific request from the target).
I'm semi-proxying this for the target, who is suffering from an attack
on their https server.
The attack was a TCP flood, but now it's moved on, reportedly, to proper
https.
Sources:
223.206.151.154
223.204.11.137
220.101.130.214
58.9.111.164
202.4.121.157
97.96.189.5
190.18.94.66
The target is: https://invest.etrade.com.au
Anyone on NSP-SEC have intel on the sources, what may be behind this, etc?
Much obliged if so!
Scott A. McIntyre
Telstra
AS1221
More information about the nsp-security
mailing list