[nsp-sec] GoDaddy DDOS details ?
Gilmore, Patrick
patrick at akamai.com
Mon Sep 10 16:04:41 EDT 2012
On Sep 10, 2012, at 15:48 , "White, Gerard" <Gerard.White at bellaliant.ca> wrote:
> If you TCP/53 to any of their DNS resources, you do get 3-way... so it doesn`t look like a typical DDoS attack to me...
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Mike Tancsa
> Sent: September-10-12 5:02 PM
> To: NSP-SEC
> Subject: [nsp-sec] GoDaddy DDOS details ?
>> Does anyone have details on the attack ? Target(s) ? Looking at my
>> flows, I dont see anything obvious jumping out (e.g larger than 500byte
>> packets with suspicious ephemeral ports etc)
I thought the typical attack against DNS these days was port 53, sub-512-byte packets, i.e. standard DNS queries?
--
TTFN,
patrick
More information about the nsp-security
mailing list