nanog mailing list archives
Fwd: port 123 reflection attacks
From: Colin Johnston <colinj () gt86car org uk>
Date: Wed, 30 Dec 2015 09:04:59 +0000
Where does it say we need to contact home cert instead on your website ? verification of what ? HSOFT ranges have been compromised by NTP reflection attacks and the NTP servers hosted by HSOFT need to have a NTP update. This has been discussed on NANOG and I also sent information in Chinese to aid debug as well. Have had no response from HSOFT… Colin
Begin forwarded message: From: "cncertcc" <cncert () cert org cn> Subject: Re:Fwd: port 123 reflection attacks Date: 30 December 2015 at 08:15:28 GMT To: "Colin Johnston" <colinj () gt86car org uk> Greetings, Please forward the case to the corresponding CERT you are located in first to have it transferred to CNCERT after verification. Thanks for your understanding. ------------------ Thanks and Regards CNCERT/CC -------------------------------------------------------- 国家互联网应急中心 National Computer network Emergency Response technical Team / Coordination Center of China Tel:+8610-82991000 fax:+8610-82990375 email: cncert () cert org cn website:www.cert.org.cn Address: A3 Yumin Road, Chaoyang District, Beijing,100029, China -------------------------------------------------------- ------------------ Original ------------------ From: "Colin Johnston"<colinj () gt86car org uk>; Date: Fri, Dec 25, 2015 07:31 PM To: "cncertcc"<cncert () cert org cn>; Cc: "Colin Johnston"<colinj () gt86car org uk>; Subject: Fwd: port 123 reflection attacksBegin forwarded message: From: Colin Johnston <colinj () gt86car org uk <mailto:colinj () gt86car org uk>> Subject: Fwd: port 123 reflection attacks Date: 25 December 2015 at 11:27:02 GMT To: oversea-support () cnnic cn <mailto:oversea-support () cnnic cn>, bdservice () cnnic cn <mailto:bdservice () cnnic cn> Cc: Colin Johnston <colinj () gt86car org uk <mailto:colinj () gt86car org uk>> Can you investigate with priority please ColinBegin forwarded message: From: Colin Johnston <colinj () gt86car org uk <mailto:colinj () gt86car org uk>> Subject: port 123 reflection attacks Date: 25 December 2015 at 11:19:26 GMT To: 16036260 () qq com <mailto:16036260 () qq com>, ipas () cnnic cn <mailto:ipas () cnnic cn> Cc: Colin Johnston <colinj () gt86car org uk <mailto:colinj () gt86car org uk>> please stop the port 123 reflection attacks from 115.47.24.220 Colin
Current thread:
- Fwd: port 123 reflection attacks Colin Johnston (Dec 30)
- Re: Fwd: port 123 reflection attacks alvin nanog (Dec 30)
- Re: Fwd: port 123 reflection attacks Randy Bush (Dec 30)
- Re: Fwd: port 123 reflection attacks alvin nanog (Dec 30)