nanog mailing list archives

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

From: "Octolus Development" <admin () octolus net>
Date: Tue, 28 Jan 2020 12:15:10 +0100

The problem is that they are spoofing our IP, to millions of IP's running port 80.
Making upstream providers filter it is quite difficult, i don't know all the upstream providers are used. 

The main problem is honestly services that reports SYN_RECV as Port Flood, but there isn't much one can do about 
misconfigured firewalls.I am sure there is a decent amount of honeypots on the internet acting the same way, resulting 
us (the victims of the attack) getting blacklisted for 'sending' attacks.
On 28.01.2020 05:50:14, "Dobbins, Roland" <roland.dobbins () netscout com> wrote:


On Jan 28, 2020, at 11:40, Dobbins, Roland <Roland.Dobbins () netscout com> wrote:


And even if his network weren't on the receiving end of a reflection/amplification attack, OP could still see 
backscatter, as Jared indicated. 

In point of fact, if the traffic was low-volume, this might in fact be what he was seeing. 

--------------------------------------------
Roland Dobbins <roland.dobbins () netscout com>

Current thread:

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC, (continued)
- - - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Damian Menscher via NANOG (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Töma Gavrichenkov (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Töma Gavrichenkov (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Damian Menscher via NANOG (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Töma Gavrichenkov (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Jean | ddostest.me via NANOG (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Jared Mauch (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Töma Gavrichenkov (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Dobbins, Roland (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Dobbins, Roland (Jan 27)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Octolus Development (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Dobbins, Roland (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Tom Beecher (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Octolus Development (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Jean | ddostest.me via NANOG (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Octolus Development (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Damian Menscher via NANOG (Jan 28)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC xanonyws (Jan 29)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Jean | ddostest.me via NANOG (Jan 30)
    - Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC Dobbins, Roland (Jan 27)