[nsp-sec] DDOS Fun
Dave Burke
dave at amazon.com
Wed Sep 19 11:52:42 EDT 2012
38895 | 122.248.245.102 | 122.248.192.0/18 | SG | apnic | 2010-12-29 | AMAZON-AS-AP Amazon.com Tech Telecom
ACK Amazon - Requested host be squashed.
On Sep 19, 2012, at 4:25 PM, King, Link wrote:
> ----------- nsp-security Confidential --------
>
> Hi folks.
>
> We have one of the current targets of the ongoing financial services
> targets. Target IP's:
>
> 156.154.64.70
> 156.154.65.70
> 156.154.66.70
> 156.154.67.70
> 156.154.68.70
> 156.154.69.70
>
>
> Attached are the current heavy hitters. The signature is TCP SYN (port
> 53) and UPD/53 with AAAAAA's stuffed in the packet (large UDP packets).
> These are authoritative nameservers so don't kill all TCP/UDP 53 traffic
> but if possible please deal with the sources.
>
> I'll update as sources/attack changes. Thanks!
>
>
> --
> Link King
> link.king at neustar.biz
>
>
>
>
>
> <ip_details.txt>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
Amazon Data Services Ireland Limited registered office: Riverside One, Sir John Rogerson's Quay, Dublin 2, Ireland. Registered in Ireland. Registration number 390566.
More information about the nsp-security
mailing list