[nsp-sec] AS5430 under attack -- assistance needed
Patrick Rother
krd at mcbone.net
Thu Jul 19 14:15:53 EDT 2012
On Thu, Jul 19, 2012 at 08:03:25PM +0200, sthaug at nethelp.no wrote:
> > AS5430 is under heavy attack since today noon, getting 10 Gbps
> > additional traffic from all directions.
>
> Hi Patrick,
>
> Your message was somewhat low on detail - but anyway, from my vantage
> point in AS 2116 I saw a couple of cases of spoofed source DNS-based
> amplification attacks today, against UDP/53 on these hosts (times in
> UTC+2):
>
> 194.97.15.21 14:17 - 14:54
> 62.104.23.36 18:20 - 18:39
>
> We have blackholed the attack traffic towards these two hosts at the
> AS 2116 border after discovering it.
That's exactly what we have been seeing, thank you for blocking!
Is there anything I can do against such attacks from inside my
network, which I'm not aware of?
Please advise, as I'm a bit outdated in this matter.
Thank you.
--
freenet Datenkommunikations GmbH, Willstätterstraße 13, D-40549 Düsseldorf
Ein Unternehmen der freenet AG
Geschäftsführer: Stephan Esch, Nicolas Tetau
Amtsgericht Hamburg HRB 88147
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: not available
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20120719/6749cdcc/attachment-0001.sig>
More information about the nsp-security
mailing list