[nsp-sec] Please confirm DDoS entry 208.73.210.29
Dave Monnier
dmonnier at cymru.com
Tue Feb 22 11:48:35 EST 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 2/22/11 10:31 AM, Jason Chambers wrote:
> ----------- nsp-security Confidential --------
>
> Hello all,
>
> We generated 400+ reports in the past 26 hours due to a new DDoS entry
> of 208.73.210.29.
>
> Can you please recheck this IP to see if it should have the services bit
> set ?
>
>
> Thanks,
>
Hey, Jason.
Thanks for the heads up. As Chris mentioned, this is Oversee. They
look to have squashed the c&c, or broken the link to it with their
service. The actual c&c goes back to 2010 and just moved to their network.
The entry has been removed.
Thanks,
- -Dave
- --
Dave Monnier
Team Cymru
https://www.team-cymru.org/
PGP: http://www.cymru.com/dmonnier/0x7C1AAE55_pub.asc
We just launched our new Training Practice, see
http://www.team-cymru.com/Services/Training/
-----BEGIN PGP SIGNATURE-----
iEYEARECAAYFAk1j6OMACgkQ+29txnwarlXqKQCbBPMTYfxVhW/6vOzbqCV/yy8m
CZwAnRVBCx3VPWInsoNHxlsnmGpxGWJz
=sMXu
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list