Re: Attack from .jp IPs

[Matt Olney <molney () sourcefire com>]

Do you have the original IPs?  Can't resolve any of those.

Matt

On Tue, Dec 7, 2010 at 10:18 AM, L0rd Ch0de1m0rt
<l0rdch0de1m0rt () gmail com>wrote:

> Hello, almost exactly at 7:41 AM this morning multiple servers in my
> enterprise are under attack by DDoS with TCP Zeroes-window size
> destined to port 1941 and 1207, the hosts appear to resolve PTR as
> hideki.tojo.jp, isoroku.yamamoto.jp, tomoyuki.yamashita.jp, and more.
> Is anyone else seeing this?
>
> Thanks.
>
> -L0rd C.
>
>
> ------------------------------------------------------------------------------
> What happens now with your Lotus Notes apps - do you make another costly
> upgrade, or settle for being marooned without product support? Time to move
> off Lotus Notes and onto the cloud with Force.com, apps are easier to
> build,
> use, and manage than apps on traditional platforms. Sign up for the Lotus
> Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d
> _______________________________________________
> Snort-sigs mailing list
> Snort-sigs () lists sourceforge net
> https://lists.sourceforge.net/lists/listinfo/snort-sigs
------------------------------------------------------------------------------
What happens now with your Lotus Notes apps - do you make another costly 
upgrade, or settle for being marooned without product support? Time to move
off Lotus Notes and onto the cloud with Force.com, apps are easier to build,
use, and manage than apps on traditional platforms. Sign up for the Lotus 
Notes Migration Kit to learn more. http://p.sf.net/sfu/salesforce-d2d

_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs