[nsp-sec] 19K resolvers
SURFcert - Peter
p.g.m.peters at utwente.nl
Fri May 17 02:54:09 EDT 2013
Justin,
Justin M. Streiner wrote on 16-05-2013 21:50:
>> ~23 hours later, it looks 69 of 343 or 20% are no longer open recursive
>> resolvers. We got a very positive response from the EDU sector with zero
>> negative feedback.
>
> I'm working on getting the group that owns the machines that were
> identified here (University of Pittsburgh - AS4130) to get them locked
> down. I should have good news to report soon ;)
Lock down? As in control who controls and uses them. We would love to
know where the users are. We are having 1 to 5 DDoS attacks each day.
Most only last for a few minutes and all seem to target educational
institutes. A few have confirmed the attacks occur when a class needs to
access internet to study. We have found one student who bragged about
making it impossible to do tests that need internet connections.
--
Peter Peters /------\ SURFnet bv
SURFcert | SURF | cert.surfnet.nl
cert at surfnet.nl \-----\ \-----\ Postbus 19035
PGP Key ID 0x5A52C966 | CERT | NL-3501 DA Utrecht
+31 30 2305 305 \------/ fax: +31 30 2305 329
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20130517/ba6e35a8/attachment-0001.sig>
More information about the nsp-security
mailing list