[nsp-sec] OVH and Ecatel contacts for help with DNS IN ANY attacks wanted
John Kristoff
jtk at cymru.com
Mon Feb 11 13:50:42 EST 2013
On Mon, 4 Feb 2013 02:18:48 +0000 (GMT)
"James A. T. Rice" <james_r-nsp at jump.org.uk> wrote:
[...]
> I'd probably lose a bunch of attack traffic and no legitimate traffic
> to our other prefixes if I were to join AMSIX with a 10Mbps port and
> a Raspberri PI purely to peer with them in order to nullroute all
> traffic from them.
James,
I greatly appreciate your candor and insight. I'm hearing a similar
story from a number of folks regarding Ecatel.
If you, or anyone else for that matter, has any left-over evidence
(pcap, flow data, logs) of specific events either recently or ongoing,
I would be interested in collecting copies of it if I could.
In order to formulate a proper response and coordinate with colleagues,
I need as much good evidence as possible.
Thank you,
John
More information about the nsp-security
mailing list