[nsp-sec] DDoS Towards 37.26.106.206
Daniel Goscomb
dang at goscomb.net
Sat Jul 7 15:36:54 EDT 2012
Hi All
Our downstream customer, AS52148, has been under an attack of around 3Gbps for the last 7 or so hours.
Traffic is UDP flood to 37.26.106.206. Whilst this prefix is null routed we are still seeing a lot of traffic hit us. I can see on sflow/netflow that this is coming from a large number of sources (probably spoofed).
Would people please check their flows for any UDP traffic to 37.26.106.206 and take the appropriate action?
Cheers
Dan
More information about the nsp-security
mailing list