[nsp-sec] Ongoing DDoS against illinois.edu
Buraglio, Nicholas D
buraglio at illinois.edu
Sat Mar 2 11:58:18 EST 2013
It's mostly died off at this point. Thanks for looking, would appreciate ay other views and will report more as we find it. We saw a noticeable increase in ICMP around 11:30pm central last night right before it really ramped up.
--
nb
On Mar 2, 2013, at 10:47 AM, "Joel Rosenblatt" <joel at columbia.edu> wrote:
> Hi,
>
> I have a feeing that at least a few of these are spoofed addresses, since the one Columbia address does not seem to be hooked up to anything on our side.
>
> IP Subnet [Assignment]
> 160.39.31.129 160.39.31.128/25 [Available (Expansion space)]
> ARP cache
> IP MAC Last Seen
>
>
> I know it's a small sample, but that's all I have :-)
>
> good luck,
> Joel
>
> --On Saturday, March 02, 2013 4:01 PM +0000 "Buraglio, Nicholas D" <buraglio at illinois.edu> wrote:
>
>> ----------- nsp-security Confidential --------
>
>
>
> Joel Rosenblatt, Director, Network & Computer Security
> Columbia Information Security Office (CISO)
> Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
> http://www.columbia.edu/~joel
> Public PGP key
> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
>
>
More information about the nsp-security
mailing list