nanog mailing list archives
Re: DDoS - CoD? - Activision contact
From: BH <lists () blackhat bz>
Date: Tue, 06 Sep 2011 21:02:37 +0800
Looking around, I believe the issue is that the IP has ended up on a master game list, so we are now getting the queries directed at US.
For anyone interested, there seems to be some info here: http://forums.steampowered.com/forums/showthread.php?t=1670090With the packet capture I have and the symptoms looking very alike the example in my original email.
I found an earlier example as well with similar symptoms: http://forums.srcds.com/viewtopic/15737Is there anyone from Activision on the list or does anyone have an Activision contact? Replies off list welcome, I can provide more details there.
On 6/09/2011 6:10 PM, Alexander Harrowell wrote:
On Tuesday 06 Sep 2011 09:14:26 Greg Chalmers wrote:Could be legitimate CoD servers responding to a spoofed query?My first thought looking at the packet dump. Interesting that some poor sap's hotmail address is embedded in it.How much traffic are you talking about out of curiosity? Regards Greg On Tue, Sep 6, 2011 at 6:03 PM, BH<lists () blackhat bz> wrote:On 6/09/2011 4:00 PM, Dobbins, Roland wrote:I've seen DDoS traffic on UDP/80 as far back as 2002Hi Roland, I should be a bit more clear sorry, I too have frequently seenattackson 80/udp but mainly as a source (eg. compromised hosting accounts) rather than the destination. I didn't in the past do a packetcapture,but I lookes at a couple of scripts and the data was usually randmorjust AAAAAA etc. The thing that perplexed me is why it appears to be Call of Duty data more than anything... Thanks
Current thread:
- DDoS - CoD? BH (Sep 06)
- Re: DDoS - CoD? Dobbins, Roland (Sep 06)
- RE: DDoS - CoD? John van Oppen (Sep 06)
- Re: DDoS - CoD? BH (Sep 06)
- Re: DDoS - CoD? Greg Chalmers (Sep 06)
- Re: DDoS - CoD? Alexander Harrowell (Sep 06)
- Re: DDoS - CoD? - Activision contact BH (Sep 06)
- Re: DDoS - CoD? - Activision contact Jeff Walter (Sep 07)
- Re: DDoS - CoD? Dobbins, Roland (Sep 06)
- Re: DDoS - CoD? Mark Grigsby (Sep 06)
- Re: DDoS - CoD? George Herbert (Sep 06)
- Re: DDoS - CoD? Ryan Gelobter (Sep 08)