 
| Subject: | |
| From: | |
| Reply To: | |
| Date: | Thu, 28 Jun 2001 14:50:00 GMT |
| Content-Type: | text/plain |
| Parts/Attachments: |
|
|
FYI,
We are trying to get a handle on the DDOS attacks that have been causing network performance issues over the last couple weeks. We do have the attacks blocked at the edges of our network, however, the attacks still cause routing update problems for us while they are happening. (See Garry's note below to get an idea of the Herculean effort it takes to stop DDOS attacks.) I ask for your patience while we work to find a way to put a stop to these attacks (besides waiting for the jerk behind them to get bored of them).
Jeff
Jeffrey Letourneau
Manager of Network Operations
UNET
University of Maine System
[log in to unmask]
-----Original Message-----
From: Network Operations Center List [mailto:[log in to unmask]]On
Behalf Of Garry Peirce
Sent: Thursday, June 28, 2001 10:26 AM
To: [log in to unmask]
Subject: Re: Case B-TSI-003198415 ICMP flood
fyi..
This note was sent to all contacts for the following machines.
Most if not all are from Europe.
==============================================
Over the past few weeks a machine of ours (130.111.112.21) has
been occasionally attacked via an ICMP flood.
When it occured yesterday around 4:00PM EST, a number of the
attacking hosts were logged. I am writing to you as your address
is listed as the administrator for the network of the offending
machine.
Please examine your machine listed as it has probably been
compromised and we'd appreciate your assistance in stopping
these attacks.
The machines involved yesterday were:
129.143.87.50
141.47.70.20
192.152.242.196
194.2.149.184
194.3.78.2
194.3.78.60
195.1.193.239
195.1.216.85
195.1.244.227
195.1.244.232
195.1.244.236
195.126.124.241
195.126.174.153
195.126.176.11
195.126.204.140
195.126.39.3
195.126.49.20
195.126.58.178
195.146.226.148
195.2.113.250
195.2.126.101
195.3.106.206
195.3.108.82
195.3.110.54
195.3.82.246
195.3.85.9
195.4.150.58
195.4.150.78
195.49.33.26
195.6.184.12
195.6.184.30
195.6.252.39
195.7.101.190
195.7.101.191
195.7.101.193
195.7.12.43
195.7.123.51
195.7.182.210
195.7.186.102
195.7.190.162
204.19.134.72
206.252.213.246
207.0.114.90
207.0.116.185
207.0.221.100
207.0.239.113
207.1.210.65
207.12.168.171
207.13.220.246
207.13.223.245
207.13.242.165
207.14.132.131
207.14.132.132
207.14.235.236
207.15.41.3
207.17.13.36
207.2.161.137
207.2.216.157
207.224.115.194
207.224.13.147
207.224.141.132
207.224.156.131
207.224.156.133
207.224.186.217
207.224.21.49
207.224.236.7
207.224.241.227
207.224.242.39
207.224.243.67
207.224.30.26
207.224.78.213
207.252.175.126
207.3.86.95
207.4.42.28
207.5.37.246
207.7.43.48
209.0.15.2
209.2.98.71
209.247.104.198
209.247.104.4
209.247.104.72
209.247.105.34
209.247.108.152
209.247.108.157
209.247.124.241
209.247.149.13
209.247.149.160
209.247.166.136
209.247.233.145
209.247.249.10
209.247.69.7
209.3.24.118
212.0.106.112
212.111.57.101
212.111.57.12
212.73.235.162
213.196.33.243
213.221.15.2
213.221.158.36
213.221.158.37
213.221.19.235
213.221.23.166
213.221.9.135
213.68.0.221
213.68.12.135
213.68.204.2
213.68.23.40
213.68.23.50
213.68.236.25
213.68.236.53
213.68.236.79
213.68.93.70
217.5.227.219
24.132.14.198
24.132.56.162
24.132.61.89
24.132.91.28
62.165.0.34
62.192.5.40
64.50.56.210
195.126.140.49
195.2.69.100
206.252.211.118
209.247.233.253
194.164.90.29
207.4.222.117
194.3.18.35
24.132.13.59
194.3.59.202
213.68.236.46
Garry Peirce [log in to unmask] 1-207-581-3539
============================================
== Network Analyst
== UNET Technology Services, Network Operations
== University of Maine System
============================================
|
|
|
