[nsp-sec] DDOS Fun
King, Link
Link.King at neustar.biz
Wed Sep 19 11:25:42 EDT 2012
Hi folks.
We have one of the current targets of the ongoing financial services
targets. Target IP's:
156.154.64.70
156.154.65.70
156.154.66.70
156.154.67.70
156.154.68.70
156.154.69.70
Attached are the current heavy hitters. The signature is TCP SYN (port
53) and UPD/53 with AAAAAA's stuffed in the packet (large UDP packets).
These are authoritative nameservers so don't kill all TCP/UDP 53 traffic
but if possible please deal with the sources.
I'll update as sources/attack changes. Thanks!
--
Link King
link.king at neustar.biz
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ip_details.txt
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20120919/db319e77/attachment-0001.txt>
More information about the nsp-security
mailing list