[nsp-sec] Inboot.me - vboot.us using DRDoS as a paid service

[John Kristoff]

On Tue, 30 Sep 2014 11:01:32 +0000
"Shelton, Steve" <sshelton at Cogentco.com> wrote:

> Did anyone happen to see this yesterday hitting their resolvers?

The DRG and my own resolvers have seen some ANY queries for
smar.vboot.us from 81.17.20.38 on September 27, 2014, all happening
around the 1930 UTC time frame.

In a cursory search, I've not seen the inboot.me name queried
for anywhere recently.

John