new clueless security softwhere
Randy Bush
randy at psg.com
Sat Nov 17 08:42:20 UTC 2012
new crapware on the misconfigured loose. did we not just have a thread
on frags? how long will it take the amateurs to learn about port 53?
sigh
randy
Date: Sat, 17 Nov 2012 16:15:23 +0800
To: randy at psg.com
From: Security Ops Center <security at communilink.net>
Subject: Network abuse from attacker: 147.28.0.39 to 203.124.10.107(ID# 86329)
Message-ID: <dda9f857e37eff2f1c53e3d60dcb12f6 at localhost.localdomain>
Dear Sir,
We detected an attack/abuse to our network that come from an IP owned by your ASN.
The IP of your network [ 147.28.0.39 ] was infected and sending attack to our network [ 203.124.10.107 ].
The following is the logs that you can take proper actions. [TimeZone: GMT +8]
==================================================
2012-11-17 20:21:30 Fragmented traffic! From 147.28.0.39:53 to 203.124.9.11:56958,
2012-11-17 20:37:56 Fragmented traffic! From 147.28.0.39:53 to 203.124.10.223:39843,
2012-11-17 20:37:56 Fragmented traffic! From 147.28.0.39:3600 to 203.124.10.223:20678,
...
<hundreds of more lines>
==================================================
Should you have any questions, please call us at +(852) 29980833.
Please include the ticket number, ID#86329, in all communications on this issue.
Thank you,
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Security Ops Center - CommuniLink Internet Limited.
security at communilink.net
http://www.communilink.net
852.2998.0833 (voice) 852.2998.0899 (fax)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
More information about the NANOG
mailing list