[nsp-sec] DNS amplification DDoS attack in progress via cam.ac.uk and ucam.org zones
Rodney Joffe
rjoffe at centergate.com
Thu Jun 28 12:45:53 EDT 2012
Sure. :-)
It has been set up as an ops-t trust group, so hopefully they're known by folks in the security area who can vouch for them.
The group has quite a bit of activity already.
On Jun 28, 2012, at 3:28 AM, SURFcert - Peter wrote:
> ----------- nsp-security Confidential --------
>
> Rodney,
>
> Rodney Joffe wrote on 25-06-2012 21:25:
>
>> Folks, as some of you know this attack profile has been ongoing for
>> many months (perhaps even over a year) against many major DNS
>> providers. And the level seems to be rising. We don't yet know
>> who/what is behind it, but we just spun up a special working group
>> (yes, it has become enough of a nuisance and potential threat that we
>> created a specific working group) to begin to research it, and try
>> and get it stopped.
>>
>> If you are affected, and have an interest in working this, please
>> feel free to reach out to the admins (Paul Vixie (paul at redbarn.org),
>> Chris Morrow (morrowc at ops-netman.net), and Sean Leach
>> (sleach at wiggum.com) who will bring you in/on.
>
> Can I forward these addresses to the people handling this? Not
> referencing nsp-sec of course.
>
> --
> Peter Peters /------\ SURFnet bv
> SURFcert | SURF | cert.surfnet.nl
> cert at surfnet.nl \-----\ \-----\ Postbus 19035
> PGP Key ID 0x5A52C966 | CERT | NL-3501 DA Utrecht
> +31 30 2305 305 \------/ fax: +31 30 2305 329
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list