[nsp-sec] NTP reflection attacks

Fronenbroek, Kick kfronenbroek at libertyglobal.com
Thu Jan 9 04:41:01 EST 2014 

Hi, thanks !!

ACK for 6830, 5089, 5462,20825 & 29562 - quiet some work to do.

Regards,
Kick

On 08 Jan 2014, at 20:44 , Jared Mauch <jared at puck.nether.net> wrote:

> ----------- nsp-security Confidential --------
> 
> On Wed, Jan 08, 2014 at 02:39:04PM -0500, Jared Mauch wrote:
>> ----------- nsp-security Confidential --------
>> 
>> On Thu, Jan 02, 2014 at 04:22:44PM +0000, Wentworth, Brett wrote:
>>> ----------- nsp-security Confidential --------
>>> 
>>> We are seeing a spike.  Anyone else?
>> 
>> Sure.
>> 
>> http://openntpproject/ntp-worst-cymru.txt is available for your remediation action.
>> The website will be searchable soon, perhaps with the data from tomorrows scan.
> 
> that should be *dot org*
> 
> Also TOP ASNs:
> 
> 237124 7018 
>  78356 4766 
>  55886 2914  (oops on us!)
>  26187 9318 
>  13704 15290 
>  11632 6389 
>  11514 7029 
>  10472 4134 
>  10190 4323 
>   7617 3786 
>   6908 7132 
>   6078 17506 
>   5510 36149 
>   5303 46375 
>   5198 3320 
>   4833 9808 
>   4817 4837 
>   2814 1785 
>   2810 3462 
>   2758 4847 
>   2409 17444 
>   2391 36351 
>   2335 23352 
>   2230 20057 
>   2227 15557 
>   2207 3356 
>   2155 3152 
>   2144 5606 
>   2140 29182 
>   2124 1221 
>   2011 6830 
>   1987 2516 
>   1783 9269 
>   1777 50245 
>   1761 20773 
>   1754 24940 
>   1726 2497 
>   1638 4713 
>   1636 12389 
>   1631 10029 
>   1628 20021 
>   1619 3269 
>   1614 24557 
>   1613 15418 
>   1600 31200 
>   1578 9202 
>   1502 786 
>   1426 16276 
>   1422 3301 
>   1412 28717 
>   1382 4725 
>   1382 174 
>   1333 680 
>   1293 137 
>   1292 2906 
>   1283 13768 
>   1234 22773 
>   1229 4812 
>   1198 9443 
>   1181 2711 
>   1172 600 
>   1149 7065 
>   1129 209 
>   1117 701 
> 
> 
> -- 
> Jared Mauch | +1 313 506 4307 * AS2914
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________

More information about the nsp-security mailing list