[nsp-sec] UDP flood against 83.218.20.202 - assistance tracking C&C & hackanonymous

Matthew.Swaar at us-cert.gov Matthew.Swaar at us-cert.gov
Thu Apr 12 18:00:15 EDT 2012

Previous message: [nsp-sec] UDP flood against 83.218.20.202 - assistance tracking C&C & hackanonymous
Next message: [nsp-sec] ACK .. Re: UDP flood against 83.218.20.202 - assistance tracking C&C & hackanonymous
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Steve,

FWIW, based on the backscatter that I see from 83.218.20.202 (SYN-ACKS from source port TCP-80) some/all of the syn-flooding that you're seeing is spoofed.  I don't know how that volume compares to the UDP traffic you're seeing.

Very Respectfully,

US-CERT Ops Center
888-282-0870
POC: Matt Swaar - Analyst

Previous message: [nsp-sec] UDP flood against 83.218.20.202 - assistance tracking C&C & hackanonymous
Next message: [nsp-sec] ACK .. Re: UDP flood against 83.218.20.202 - assistance tracking C&C & hackanonymous
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nsp-security mailing list