funsec mailing list archives

Re: Attacked by Bank of America!!

From: Danny McPherson <danny () tcb net>
Date: Tue, 28 Dec 2010 22:09:31 -0500


On Dec 28, 2010, at 10:53 AM, RandallM wrote:

Hi
Well this is interesting. Read the news on "Anonymous" attacking Bank
of Americal yesterday morning.
(https://www.infosecisland.com/blogview/10542-Bank-of-America-Hit-By-Anonymous-DDoS-Attack.html)

Came to work, a small production marketing plant, and while doing
morning network work checks begin to notice various "port scans",
UDP/ICMP requests. AND THEN..BAM! for over 5 hrs went to no internet
until I was able to get ATT to block such to our broadcast IP from the
backbone.

The mystery is the bank of America part or spoof of. Here is two of
the IP's used that I was able to capture with Wireshark:

Internet Protocol, Src: wwwui.global.bankofamerica.com (171.159.228.173),
Internet Protocol, Src: 165.48.113.48 (165.48.113.48),


Backscatter from source-spoofed attacks?  Very common, actually..

-danny

Anyone else have this happen or know of someone?




-- 
been great, thanks
RandyM
a.k.a System
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.



_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Attacked by Bank of America!! RandallM (Dec 28)
- Re: Attacked by Bank of America!! Danny McPherson (Dec 28)