[nsp-sec] 900 Mbit/s UDP DDOS towards 178.217.130.55
Kauto Huopio
kauto.huopio at ficora.fi
Tue Oct 11 10:27:48 EDT 2011
We have an ongoing DDoS towards 178.217.130.55 - a major
evening tabloid newspaper website in Finland. Volume around 900 Mbit/s.
Rumours on attack generation methods:
http://wiki.modsrepository.com/index.php/Call_of_Duty_4:_Servers
http://www.codpromod.com/promod-live-2-11-eu-realesenotes/
The COD4 modification is reported to have a vulnerability allowing
attack traffic generation.
Top 10 sources currently seen by the target:
208.167.251.166: 4633.37 kbps
93.191.11.115: 5019.44 kbps
109.70.149.93: 5063.13 kbps
188.138.101.184: 5303.52 kbps
109.70.148.70: 5406.60 kbps
109.70.148.71: 5483.07 kbps
94.76.107.131: 5604.83 kbps
216.221.12.45: 5839.08 kbps
109.70.148.79: 6132.75 kbps
95.141.32.83: 6216.74 kbps
--Kauto
More information about the nsp-security
mailing list