[nsp-sec] Reflected DDoS Attack Targeting Sainsbury's
Boehm, Paul
Paul.Boehm at cw.com
Fri Mar 2 11:31:17 EST 2012
One of our customers, Sainsbury's in the UK, is targeted by a DDoS
attack running at a constant 5 - 6.5 Gbps since Feb 27th. The attack
type is Reflected Spoofed DDoS. The attack is mitigated.
Sainsburys is mentioned in
http://anonops.blogspot.com/2012/02/anonymous-hacks-us-prison-contractor
s.html so it may be the anon group.
I need to do a traceback from which ASNs the traffic with the spoofed
source IP originates.
Can the nspsec community please check from which ASNs you receive UDP
traffic with source IP 62.25.72.2?
All UDP traffic from source IP 62.25.72.2 is spoofed.
Thanks in advance
Paul Boehm
Managed Security Services Manager
3rd Line Operations
Cable & Wireless Worldwide
Direct Dial: +44 (0) 2072053055
www.cw.com <http://www.cw.com/>
This e-mail has been scanned for viruses by the Cable&Wireless Worldwide e-mail security system. For more information on a proactive
managed e-mail secure service, visit http://www.cw.com/managed-exchange
The information contained in this e-mail is confidential and may also be subject to legal privilege. It is intended only for the recipient(s) named above.
If you are not named above as a recipient, you must not read, copy, disclose, forward or otherwise use the information contained in this email. If you
have received this e-mail in error, please notify the sender (whose contact details are above) immediately by reply e-mail and delete the message and any
attachments without retaining any copies.
Cable & Wireless Worldwide plc
Registered in England and Wales. Company Number 07029206
Registered office: Waterside House, Longshot Lane, Bracknell, Berkshire, RG12 1XL, England
More information about the nsp-security
mailing list