DDoS - CoD?
Alexander Harrowell
a.harrowell at gmail.com
Tue Sep 6 10:10:22 UTC 2011
On Tuesday 06 Sep 2011 09:14:26 Greg Chalmers wrote:
> Could be legitimate CoD servers responding to a spoofed query?
My first thought looking at the packet dump. Interesting that some poor
sap's hotmail address is embedded in it.
> How much
> traffic are you talking about out of curiosity?
>
> Regards
> Greg
>
>
> On Tue, Sep 6, 2011 at 6:03 PM, BH <lists at blackhat.bz> wrote:
>
> > On 6/09/2011 4:00 PM, Dobbins, Roland wrote:
> > > I've seen DDoS traffic on UDP/80 as far back as 2002
> > Hi Roland,
> >
> > I should be a bit more clear sorry, I too have frequently seen
attacks
> > on 80/udp but mainly as a source (eg. compromised hosting accounts)
> > rather than the destination. I didn't in the past do a packet
capture,
> > but I lookes at a couple of scripts and the data was usually randm
or
> > just AAAAAA etc. The thing that perplexed me is why it appears to be
> > Call of Duty data more than anything...
> >
> > Thanks
> >
> >
>
--
The only thing worse than e-mail disclaimers...is people who send e-mail
to lists complaining about them
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20110906/fc467073/attachment.sig>
More information about the NANOG
mailing list