[nsp-sec] UDP love against AS5539
David Freedman
david.freedman at uk.clara.net
Fri Dec 23 10:41:46 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We've applied ACLs to all of these whilst they are investigated, there
seems to be a lot of traffic from these going to home DSL users, the
theory of it being a game service may indeed have some substance,
do you want us to try capturing some of the traffic?
Dave.
On 23/12/11 15:26, Gert Doering wrote:
> Hi,
>
> On Fri, Dec 23, 2011 at 03:04:17PM +0000, David Freedman wrote:
>> ACK 8426, Apologies for the delay
>
> Thanks for tackling these :-) - if you find anything, please let me
> know.
>
> Someone else suggested these might be CallOfDuty servers being used for
> an UDP reflection/amplification attack. So they *might* not be bad (but
> in this case you should see UDP flows "from us")...
>
> gert
- --
David Freedman
Group Network Engineering
david.freedman at uk.clara.net
Tel +44 (0) 20 7685 8000
Claranet Group
21 Southampton Row
London - WC1B 5HA - UK
http://www.claranet.com
Company Registration: 3152737 - Place of registration: England
All the information contained within this electronic message from
Claranet Ltd is covered by the disclaimer at
http://www.claranet.co.uk/disclaimer
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk70oToACgkQtFWeqpgEZrJcEgCg2r5oPfp4R+SM3cj7lP+7I8xz
EyoAniaTNqxpoZ0q11nsL/r843RPNu9D
=kYCU
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list