Reaching out to Sony NOC, resolving DDoS Issues - Need POC
Octolus Development
admin at octolus.net
Tue Jan 28 11:15:10 UTC 2020
The problem is that they are spoofing our IP, to millions of IP's running port 80.
Making upstream providers filter it is quite difficult, i don't know all the upstream providers are used.
The main problem is honestly services that reports SYN_RECV as Port Flood, but there isn't much one can do about misconfigured firewalls.I am sure there is a decent amount of honeypots on the internet acting the same way, resulting us (the victims of the attack) getting blacklisted for 'sending' attacks.
On 28.01.2020 05:50:14, "Dobbins, Roland" <roland.dobbins at netscout.com> wrote:
On Jan 28, 2020, at 11:40, Dobbins, Roland <Roland.Dobbins at netscout.com> wrote:
And even if his network weren't on the receiving end of a reflection/amplification attack, OP could still see backscatter, as Jared indicated.
In point of fact, if the traffic was low-volume, this might in fact be what he was seeing.
--------------------------------------------
Roland Dobbins <roland.dobbins at netscout.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20200128/18bce8d2/attachment.html>
More information about the NANOG
mailing list