[nsp-sec] Query: UDP traffic with src ip 178.217.130.55 port 80
Rodney Joffe
rjoffe at centergate.com
Tue Oct 11 15:52:40 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
As a follow up, if you have the same information on 216.255.148.50 we'd appreciate that info also. Relates to Kauto's request, and my DDoS request earlier. Kit spoofs victim's IP towards CoD, uses CoD servers as a reflector.
On Oct 11, 2011, at 3:15 PM, Kauto Huopio wrote:
> ----------- nsp-security Confidential --------
>
> This is a general query on UDP traffic with source IP 178.217.130.55
> port 80. This is 99.999% spoofed, aimed to Call of Duty game servers
> used as DDoS amps.. All information welcome..
>
> --Kauto
> FICORA / CERT-FI
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
iEYEARECAAYFAk6Uno0ACgkQRrelm2onc7AMNQCeOasy/OO+TNsJv34HW9vIuU0f
KkEAnArSiHy2ENbaDLKmRfkhfkoUTa1E
=dpE8
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list