[Snort-sigs] [Emerging-Sigs] Attack from .jp IPs
jesler at ...435...
Tue Dec 7 10:44:54 EST 2010
We haven't had anything reported into the Internet Storm Center yet this
On Tue, Dec 7, 2010 at 10:41 AM, Josh Little <josh at ...3536...> wrote:
> Yes, we here at the University of Southern Sounds - Arizona campus, an
> online music school, have been under constant attacks since this morning.
> The hardest hit has been our online student magazine, which has been
> replaced with the cryptic message "y at ...3537...@m0t0 0wNZ$". Any ideas why this is
> On Tue, Dec 7, 2010 at 10:18 AM, L0rd Ch0de1m0rt <l0rdch0de1m0rt at ...2420...
> > wrote:
>> Hello, almost exactly at 7:41 AM this morning multiple servers in my
>> enterprise are under attack by DDoS with TCP Zeroes-window size
>> destined to port 1941 and 1207, the hosts appear to resolve PTR as
>> hideki.tojo.jp, isoroku.yamamoto.jp, tomoyuki.yamashita.jp, and more.
>> Is anyone else seeing this?
>> -L0rd C.
>> Emerging-sigs mailing list
>> Emerging-sigs at ...3335...
>> Support Emerging Threats! Subscribe to Emerging Threats Pro
>> The ONLY place to get complete premium rulesets for Snort 2.4.0 through
> Emerging-sigs mailing list
> Emerging-sigs at ...3335...
> Support Emerging Threats! Subscribe to Emerging Threats Pro
> The ONLY place to get complete premium rulesets for Snort 2.4.0 through
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs