[nsp-sec] NTP Reflection attacks
Sebastien Lahtinen
seb at ncuk.com
Fri Apr 4 14:50:47 EDT 2014
Hi,
We've been on the receiving end of several NTP reflection DDoS attacks
over the last few days.
Attached is an output of the IPs which have been involved. I have merged
them all into one for ease of reference but can provide further details on
request.
All the IPs listed sent at least 1,000 packets matching the following
profile (proto udp; src port 123; dst port 80; dst ip 80.249.107.34)
during at least one of the time windows below:
2014-03-31 12:34 - 2014-03-31 13:09 BST
2014-04-03 14:19 - 2014-04-03 14:54 BST
2014-04-04 09:24 - 2014-04-04 09:39 BST
All times are British Summer Time (BST) currently GMT+1.
Regards,
Sebastien
AS21396
--
NetConnex Broadband Ltd.
tel. +44 870 745 4830 fax. +44 870 745 4831
Court Farm Lodge, 1 Eastway, Epsom, Surrey, KT19 8SG. United Kingdom.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ddos-merged3.txt
URL: <https://puck.nether.net/mailman/private/nsp-security/attachments/20140404/e7a8a5ef/attachment-0001.txt>
More information about the nsp-security
mailing list