[nsp-sec] ACK 26496 - Re: DDOS Fun
Greg Schwimer
gschwimer at godaddy.com
Wed Sep 19 13:56:07 EDT 2012
Think we see something here... Investigating.
----- Original Message -----
From: "Link King" <Link.King at neustar.biz>
To: nsp-security at puck.nether.net
Sent: Wednesday, September 19, 2012 8:25:42 AM
Subject: [nsp-sec] DDOS Fun
----------- nsp-security Confidential --------
Hi folks.
We have one of the current targets of the ongoing financial services
targets. Target IP's:
156.154.64.70
156.154.65.70
156.154.66.70
156.154.67.70
156.154.68.70
156.154.69.70
Attached are the current heavy hitters. The signature is TCP SYN (port
53) and UPD/53 with AAAAAA's stuffed in the packet (large UDP packets).
These are authoritative nameservers so don't kill all TCP/UDP 53 traffic
but if possible please deal with the sources.
I'll update as sources/attack changes. Thanks!
--
Link King
link.king at neustar.biz
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list