nanog mailing list archives
Re: DDoS - CoD?
From: Alexander Harrowell <a.harrowell () gmail com>
Date: Tue, 6 Sep 2011 11:10:22 +0100
On Tuesday 06 Sep 2011 09:14:26 Greg Chalmers wrote:
Could be legitimate CoD servers responding to a spoofed query?
My first thought looking at the packet dump. Interesting that some poor sap's hotmail address is embedded in it.
How much traffic are you talking about out of curiosity? Regards Greg On Tue, Sep 6, 2011 at 6:03 PM, BH <lists () blackhat bz> wrote:On 6/09/2011 4:00 PM, Dobbins, Roland wrote:I've seen DDoS traffic on UDP/80 as far back as 2002Hi Roland, I should be a bit more clear sorry, I too have frequently seen
attacks
on 80/udp but mainly as a source (eg. compromised hosting accounts) rather than the destination. I didn't in the past do a packet
capture,
but I lookes at a couple of scripts and the data was usually randm
or
just AAAAAA etc. The thing that perplexed me is why it appears to be Call of Duty data more than anything... Thanks
-- The only thing worse than e-mail disclaimers...is people who send e-mail to lists complaining about them
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- DDoS - CoD? BH (Sep 06)
- Re: DDoS - CoD? Dobbins, Roland (Sep 06)
- RE: DDoS - CoD? John van Oppen (Sep 06)
- Re: DDoS - CoD? BH (Sep 06)
- Re: DDoS - CoD? Greg Chalmers (Sep 06)
- Re: DDoS - CoD? Alexander Harrowell (Sep 06)
- Re: DDoS - CoD? - Activision contact BH (Sep 06)
- Re: DDoS - CoD? - Activision contact Jeff Walter (Sep 07)
- Re: DDoS - CoD? Dobbins, Roland (Sep 06)
- Re: DDoS - CoD? Mark Grigsby (Sep 06)
- Re: DDoS - CoD? George Herbert (Sep 06)
- Re: DDoS - CoD? Ryan Gelobter (Sep 08)