Educause Security Discussion mailing list archives
Czdlxy.163.com and High Bandwidth Utilisation
From: Tim Lane <tlane () SCU EDU AU>
Date: Tue, 19 Aug 2008 08:36:01 +1000
Hi All, we are having an anomaly occur on our network where our Internet link is experiencing 100% utilisation and the proxies are reporting massive downloads from Czdlxy.163.com but the traffic does not seem to come inside our network to workstations, just to the proxies. Czdlxy.163.com appears to be related to some Chinese Online Gaming website (but translation makes it difficult to pinpoint exactly). This makes me think that either: 1) Proxy servers are compromised and are hosting content 2) Denial of service 3) Traffic is actually going inside our network and we cannot see it (at this stage). I realise this is basic information but has anyone heard of this site before or do they have any suggestions or thoughts on what could be occurring? Is anyone else seeing something similar? Thanks, Tim Lane Tim Lane Information Security Program Manager Information Technology and Telecommunication Services Southern Cross University PO Box 157 Lismore NSW 2480 Phone (02) 6620 3290 Fax(02) 6620 3033 Email: tlane () scu edu au http://www.scu.edu.au
Current thread:
- Czdlxy.163.com and High Bandwidth Utilisation Tim Lane (Aug 18)