[nsp-sec] Anyone at AS4837 - CHINA169-BACKBONE?
Yiming Gong
Yiming.gong at xo.com
Tue Jan 11 12:00:22 EST 2011
I don't think we have a CNC people on the list.
Yiming
On 1/11/2011 10:08 AM, Pekka Savola wrote:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> Is there anyone at AS4837 or close by here? *)
>
> There's ongoing attack (well, it has lasted some 5 days now :P) that should be
> squashed, last I looked it was 200Kpps.
>
> 123.138.22.75 -> 130.234.181.144 various 29bpp UDP packets.
>
> More info:
>
> At 2011-01-06 04:02:45.056 (UTC) a distributed UDP 29-43bpp UDP attack started
> against 130.234.181.144. This was some 1.2Mpps. Since then it has quieted down,
> but some 100-300Kpps "background noise" has remained still. This is coming from
> the single source now.
>
> AS | IP | AS Name
> 4837 | 123.138.22.75 | CHINA169-BACKBONE CNCGROUP China169 Backbone
>
> *) I looked at https://puck.nether.net/nsp-security/contact/ but it appears to
> be incomplete. Not sure if there is better way to find people.
>
> Pekka Savola
> AS1741
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
More information about the nsp-security
mailing list