[nsp-sec] Query: UDP traffic with src ip 178.217.130.55 port 80
Darren Grabowski
drg at us.ntt.net
Tue Oct 11 15:34:26 EDT 2011
Not from this IP, but we have seen this behavior in the past. We didn't do anything beyond blocking it, but we were a bit curious as to what this was all about.
darren
On Oct 11, 2011, at 3:15 PM, Kauto Huopio wrote:
> ----------- nsp-security Confidential --------
>
> This is a general query on UDP traffic with source IP 178.217.130.55
> port 80. This is 99.999% spoofed, aimed to Call of Duty game servers
> used as DDoS amps.. All information welcome..
>
> --Kauto
> FICORA / CERT-FI
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list