Recent DNS attacks from China?

Matlock, Kenneth L MatlockK at exempla.org
Wed Nov 30 18:57:23 UTC 2011


Except in this case it's a DNS attack, which implies UDP based and easily spoofed. The source IP may or may not actually be accurate.
 
Ken

________________________________

From: Richard Barnes [mailto:richard.barnes at gmail.com]
Sent: Wed 11/30/2011 11:51 AM
To: andrew.wallace
Cc: nanog at nanog.org; Leland Vandervort
Subject: Re: Recent DNS attacks from China?



An attack originating from somewhere indicates the presence of either
an attacker or a compromised host.  A particular density of either in
a particular geographical area would seem like an interesting data
point.

--Richard

On Wed, Nov 30, 2011 at 1:24 PM, andrew.wallace
<andrew.wallace at rocketmail.com> wrote:
> Before we see knee-jerk conclusions about who to blame, these attacks could be carried out by anyone.
>
>
> Is country even relevant in the cyberscape?
>
>
> Andrew


*** Exempla Confidentiality Notice *** The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any other dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify me immediately by replying to the message and deleting it from your computer. Thank you. *** Exempla Confidentiality Notice ***





More information about the NANOG mailing list