Fwd: port 123 reflection attacks
Colin Johnston
colinj at gt86car.org.uk
Wed Dec 30 09:04:59 UTC 2015
Where does it say we need to contact home cert instead on your website ?
verification of what ?
HSOFT ranges have been compromised by NTP reflection attacks and the NTP servers hosted by HSOFT need to have a NTP update.
This has been discussed on NANOG and I also sent information in Chinese to aid debug as well.
Have had no response from HSOFT…
Colin
> Begin forwarded message:
>
> From: "cncertcc" <cncert at cert.org.cn>
> Subject: Re:Fwd: port 123 reflection attacks
> Date: 30 December 2015 at 08:15:28 GMT
> To: "Colin Johnston" <colinj at gt86car.org.uk>
>
> Greetings,
> Please forward the case to the corresponding CERT you are located in first to have it transferred to CNCERT after verification. Thanks for your understanding.
>
>
>
>
>
>
> ------------------
>
> Thanks and Regards
> CNCERT/CC
> --------------------------------------------------------
> 国家互联网应急中心
> National Computer network Emergency Response technical Team / Coordination Center of China
> Tel:+8610-82991000 fax:+8610-82990375
> email: cncert at cert.org.cn website:www.cert.org.cn
> Address: A3 Yumin Road, Chaoyang District, Beijing,100029, China
> --------------------------------------------------------
>
>
>
> ------------------ Original ------------------
> From: "Colin Johnston"<colinj at gt86car.org.uk>;
> Date: Fri, Dec 25, 2015 07:31 PM
> To: "cncertcc"<cncert at cert.org.cn>;
> Cc: "Colin Johnston"<colinj at gt86car.org.uk>;
> Subject: Fwd: port 123 reflection attacks
>
>
>
>> Begin forwarded message:
>>
>> From: Colin Johnston <colinj at gt86car.org.uk <mailto:colinj at gt86car.org.uk>>
>> Subject: Fwd: port 123 reflection attacks
>> Date: 25 December 2015 at 11:27:02 GMT
>> To: oversea-support at cnnic.cn <mailto:oversea-support at cnnic.cn>, bdservice at cnnic.cn <mailto:bdservice at cnnic.cn>
>> Cc: Colin Johnston <colinj at gt86car.org.uk <mailto:colinj at gt86car.org.uk>>
>>
>> Can you investigate with priority please
>>
>> Colin
>>
>>
>>> Begin forwarded message:
>>>
>>> From: Colin Johnston <colinj at gt86car.org.uk <mailto:colinj at gt86car.org.uk>>
>>> Subject: port 123 reflection attacks
>>> Date: 25 December 2015 at 11:19:26 GMT
>>> To: 16036260 at qq.com <mailto:16036260 at qq.com>, ipas at cnnic.cn <mailto:ipas at cnnic.cn>
>>> Cc: Colin Johnston <colinj at gt86car.org.uk <mailto:colinj at gt86car.org.uk>>
>>>
>>> please stop the port 123 reflection attacks from 115.47.24.220
>>>
>>> Colin
>>>
>>
>
More information about the NANOG
mailing list