Snort mailing list archives
Re: [Emerging-Sigs] Attack from .jp IPs
From: "evilghost () packetmail net" <evilghost () packetmail net>
Date: Tue, 7 Dec 2010 09:43:52 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For what it's worth, I've not see anything pop up on the radar, I suspect this may just be a hoax. - -evilghost On 12/07/10 09:41, Josh Little wrote:
Yes, we here at the University of Southern Sounds - Arizona campus, an online music school, have been under constant attacks since this morning. The hardest hit has been our online student magazine, which has been replaced with the cryptic message "y@M@m0t0 0wNZ$". Any ideas why this is happening? ZT On Tue, Dec 7, 2010 at 10:18 AM, L0rd Ch0de1m0rt <l0rdch0de1m0rt () gmail com <mailto:l0rdch0de1m0rt () gmail com>> wrote: Hello, almost exactly at 7:41 AM this morning multiple servers in my enterprise are under attack by DDoS with TCP Zeroes-window size destined to port 1941 and 1207, the hosts appear to resolve PTR as hideki.tojo.jp <http://hideki.tojo.jp>, isoroku.yamamoto.jp <http://isoroku.yamamoto.jp>, tomoyuki.yamashita.jp <http://tomoyuki.yamashita.jp>, and more. Is anyone else seeing this? Thanks. -L0rd C. _______________________________________________ Emerging-sigs mailing list Emerging-sigs () emergingthreats net <mailto:Emerging-sigs () emergingthreats net> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current! _______________________________________________ Emerging-sigs mailing list Emerging-sigs () emergingthreats net http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iQIcBAEBAgAGBQJM/lY4AAoJENgimYXu6xOHUo4P/RK6H9cS3nq/cnW3q0yTZoWD 4QjeiyaVwV0t1cPn5UHOC/ByTnyHy21IaY1iR/vXScgC3q3TB1q2RXSqpbpCpPnc y4Z5CSc7wiAurIAyX0xkp3tBjVaktiwTfEptR5tG99Gk5eskTVX586IXRH2/rTWc p3y/rf48y1LXIYunwe+KHTe5scUV7I9hxLEiZFysAFspALEkqDk5NHuko8VxDo6G DOhPo1jOOOQGFoyhVhwz5XIEn9R0jUkRk7sU5d2CTZMFscz5sm2k8xrKsjjjg59v Es2W0AiHshkhT2ROKuk8GqbOTeCKa1C5JlSBFQC8l1tkwWhv/GBzQNsuhXWIswlP vmS71exUlwNqfbSt5Z2e/5j04UykRqKwVjuNTupYniHCekaMTJ5GzLyj/toaZZKC L8wygmbKoY5iZdV6ilQBBdDA9dQssMw2WybNOqbj1mRIJD6dOV2F182jCZzL7d2O P5Bgoa7VqGXk1RglubgBlEPsUxenrrwIxgv2X0MnrRVBWL70TUTKu17yAeRD+JIn hyjdsDk8Vqy9GaoWxWsfp0Odiro4zYoLjc3qkBBrq0yYjk3m5NitqHOaE0dHdeMq E+qpBPrFMmY5SBJDCDsZI4ukjCMJx9SHAYf+QveKt4VPbM2Yk9vKmOMkRO9/KIQg Oc/VS5/njTg8XiOPsfBD =U3oI -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ What happens now with your Lotus Notes apps - do you make another costly upgrade, or settle for being marooned without product support? Time to move off Lotus Notes and onto the cloud with Force.com, apps are easier to build, use, and manage than apps on traditional platforms. Sign up for the Lotus Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs
Current thread:
- Re: [Emerging-Sigs] Attack from .jp IPs, (continued)
- Re: [Emerging-Sigs] Attack from .jp IPs Jason Wallace (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Sandro guly Zaccarini (Dec 07)
- Re: Attack from .jp IPs Matt Olney (Dec 07)
- Message not available
- Re: [Emerging-Sigs] Attack from .jp IPs Mike Cox (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Steve McChortle (Dec 07)
- Message not available
- Re: [Emerging-Sigs] Attack from .jp IPs Jason Wallace (Dec 07)
- Re: Attack from .jp IPs Martin Roesch (Dec 07)
- Re: Attack from .jp IPs Giles Coochey (Dec 07)
- Re: Attack from .jp IPs Jamie Riden (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Josh Little (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Joel Esler (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs evilghost () packetmail net (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Tom Le (Dec 07)
- Re: [Emerging-Sigs] Attack from .jp IPs Jamie Riden (Dec 08)