nanog mailing list archives

Re: Spamhaus under DDOS from AnonOps (Wikileaks.info)


From: Jack Bates <jbates () brightok net>
Date: Sat, 18 Dec 2010 22:58:48 -0600

On 12/18/2010 5:15 PM, Marshall Eubanks wrote:

I get nothing from wikileaks.org, although the DNS is active :


$ host wikileaks.org
wikileaks.org has address 64.64.12.170
$ telnet 64.64.12.170 80
Trying 64.64.12.170...
Connected to 64.64.12.170.
Escape character is '^]'.
GET / HTTP/1.1
Host: wikileaks.org

HTTP/1.1 302 Found
Date: Sun, 19 Dec 2010 04:56:23 GMT
Server: Apache
Location: http://mirror.wikileaks.info/
Content-Length: 213
Content-Type: text/html; charset=iso-8859-1

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>302 Found</title>
</head><body>
<h1>Found</h1>
<p>The document has moved <a href="http://mirror.wikileaks.info/">here</a>.</p>
</body></html>
Connection to 64.64.12.170 closed by foreign host.

and, at least here, a traceroute disappears into servint
<snip>
  8  64.125.195.222.t00883-02.above.net (64.125.195.222)  15.905 ms  12.172 ms  12.072 ms
  9  sc-smv1766.servint.net (216.22.61.86)  15.879 ms  11.974 ms  13.761 ms
 10  * * *

I see same timeouts, but tcp/80 is going through. Filtering, I suspect.


Jack

