nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Reaching out to Sony NOC, resolving DDoS Issues - Need POC

From: Töma Gavrichenkov <ximaera () gmail com>
Date: Tue, 28 Jan 2020 04:10:01 +0300
Peace,

On Tue, Jan 28, 2020, 4:02 AM Damian Menscher via NANOG <nanog () nanog org>
wrote:


The victim already posted the signature to this thread:
  - source IP: 51.81.119.7
  - protocol: 6 (tcp)
  - tcp_flags: 2 (syn)

That alone is sufficient for Level3/CenturyLink/etc to identify the source
of this abuse and apply filters, if they choose.



If this endpoint doesn't connect to anything outside of their network, then
yes.

If it does though, the design of the filter might become more complicated.

If the OP posted their IPv4 addresses and networks to the list, it could've
been easier though (however the concerns about the administrative
processing procedures outlined before still apply).

--
Töma
Previous By Date Next
Previous By Thread Next

Current thread: