[nsp-sec] attack against AS36666 C&C at 141.28.52.24 ?
Tim Kleefass
kleefass at belwue.de
Wed Jul 6 22:18:47 EDT 2011
On 06.07.2011 6:57 PM, Mike Tancsa wrote:
> AS | IP | AS Name
> 553 | 141.28.52.24 | BELWUE Landeshochschulnetz
> Baden-Wuerttemberg (BelWue)
On 07.07.2011 12:54 AM, Dave Monnier wrote:
> I've dropped the c&c into the ddosrs and it should show up momentarily.
I've blocked 141.28.52.24 tcp/8003 and notified the customer.
Cheers,
--
Tim Kleefass, Network Engineer
BelWü-Koordination, Universität Stuttgart
Industriestr. 28, 70565 Stuttgart
Loc.: N48° 43.4655 E9° 7.11037
NOC/IP: 01803/BELNET = 01803/235638
Tel. +49 711/685-65586 (Durchwahl)
Fax +49 711/678-8363
E-Mail: ip at belwue.de - http://www.belwue.de
More information about the nsp-security
mailing list