North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: real-time DDoS help?
Just following up with a bit more info. While I have no way of knowing whether these IPs are the true source, and there's likely more that I didn't capture in the short windows where the router was up and exporting netflow data, this is what I have. If anyone here is in charge of the following blocks, perhaps you might want to have a look: 208.39.142 (comcast, business cable) 216.235.244 (e-xpedient) 218.244.162 (chinacom) 218.247.37 (china network connect) 61.48.80 (china network communications group) 62.231.65 (romania data systems) Actually, looking at those sources, I'm betting they're not spoofed. :) Thanks, Charles -- Charles Sprickman [email protected] On Sat, 19 Jun 2004, Charles Sprickman wrote: > Howdy, > > Is there any place where people with experience dealing with DDoS attacks > hang out? I'm getting very little assistance from my upstream beyond > "call whomever is in charge of each IP attacking and make them stop", and > "even though we null route the destination IP being attacked, this traffic > will be billed".
|