Spamhaus under DDOS from AnonOps (Wikileaks.info)
Jack Bates
jbates at brightok.net
Sun Dec 19 04:58:48 UTC 2010
On 12/18/2010 5:15 PM, Marshall Eubanks wrote:
>
> I get nothing from wikileaks.org, although the DNS is active :
>
$ host wikileaks.org
wikileaks.org has address 64.64.12.170
$ telnet 64.64.12.170 80
Trying 64.64.12.170...
Connected to 64.64.12.170.
Escape character is '^]'.
GET / HTTP/1.1
Host: wikileaks.org
HTTP/1.1 302 Found
Date: Sun, 19 Dec 2010 04:56:23 GMT
Server: Apache
Location: http://mirror.wikileaks.info/
Content-Length: 213
Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a
href="http://mirror.wikileaks.info/">here</a>.</p>
</body></html>
Connection to 64.64.12.170 closed by foreign host.
> and, at least here, a traceroute disappears into servint
> <snip>
> 8 64.125.195.222.t00883-02.above.net (64.125.195.222) 15.905 ms 12.172 ms 12.072 ms
> 9 sc-smv1766.servint.net (216.22.61.86) 15.879 ms 11.974 ms 13.761 ms
> 10 * * *
>
I see same timeouts, but tcp/80 is going through. Filtering, I suspect.
Jack
More information about the NANOG
mailing list