nanog mailing list archives

Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours

From: Curtis Maurand <cmaurand () xyonet com>
Date: Tue, 21 Jul 2015 08:09:56 -0400


DNS is still largely UDP.

--Curtis

On 7/20/2015 5:40 PM, Ca By wrote:

Folks, it may be time to  take the next step and admit that UDP is too
broken to support

https://tools.ietf.org/html/draft-byrne-opsec-udp-advisory-00

Your comments have been requested



On Mon, Jul 20, 2015 at 8:57 AM, Drew Weaver <drew.weaver () thenap com> wrote:

Has anyone else seen a massive amount of illegitimate UDP 1720 traffic
coming from China being sent towards IP addresses which provide VoIP
services?

I'm talking in the 20-30Gbps range?

The first incident was yesterday at around 13:00 EST, the second incident
was today at 09:00 EST.

I'm assuming this is just another DDoS like all others, but I would be
interested to hear if I am not the only one seeing this.

On list or off-list is fine.

Thanks,
-Drew


--
Best Regards
Curtis Maurand
Principal
Xyonet Web Hosting
mailto:cmaurand () xyonet com
http://www.xyonet.com

Current thread:

Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours, (continued)
- - - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Mike Hammett (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Christopher Morrow (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours ML (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Colin Johnston (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Valdis . Kletnieks (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours James Milko (Jul 20)
- Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Ca By (Jul 20)
  - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours John Weekes (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Ca By (Jul 20)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours John (Jul 20)
  - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Curtis Maurand (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Jared Mauch (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Rafael Possamai (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Pavel Odintsov (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Rafael Possamai (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Pavel Odintsov (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Mike Hammett (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Rafael Possamai (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Jared Mauch (Jul 21)
    - Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Curtis Maurand (Jul 21)
- Re: 20-30Gbps UDP 1720 traffic appearing to originate from CN in last 24 hours Scott Weeks (Jul 20)

(Thread continues...)