[nsp-sec] huge DDoS against AS41887 PROLOCATION (NL)
Jose Nazario
jose at arbor.net
Thu Sep 8 13:07:19 EDT 2011
without saying too much it looks like the TDSS botnet is behind this attack.
On Sep 8, 2011, at 10:59 AM, Jose Nazario wrote:
> ----------- nsp-security Confidential --------
>
> krebs is reaching out to me. he thinks the tdss/tdl rootkit guys may be DDoSing his blog, hosted at prolocation in NL. the attack seems so big it may be affecting all of prolocation.
>
> krebsonsecurity.com has address 94.228.133.163
>
> AS41887 | 94.228.133.163 | NL | PROLOCATION Prolocation AS
>
> i have no data on it, so i'm seeking data too.
>
> _____________________________
> jose nazario, ph.d. jose at arbor.net
> sr. manager of security research, arbor networks
> blog: http://asert.arbor.net/
> twitter: @arbornetworks
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
_____________________________
jose nazario, ph.d. jose at arbor.net
sr. manager of security research, arbor networks
blog: http://asert.arbor.net/
twitter: @arbornetworks
More information about the nsp-security
mailing list