On Dec 28, 2010, at 10:53 AM, RandallM wrote: > Hi > Well this is interesting. Read the news on "Anonymous" attacking Bank > of Americal yesterday morning. > (https://www.infosecisland.com/blogview/10542-Bank-of-America-Hit-By-Anonymous-DDoS-Attack.html) > > Came to work, a small production marketing plant, and while doing > morning network work checks begin to notice various "port scans", > UDP/ICMP requests. AND THEN..BAM! for over 5 hrs went to no internet > until I was able to get ATT to block such to our broadcast IP from the > backbone. > > The mystery is the bank of America part or spoof of. Here is two of > the IP's used that I was able to capture with Wireshark: > > Internet Protocol, Src: wwwui.global.bankofamerica.com (171.159.228.173), > Internet Protocol, Src: 165.48.113.48 (165.48.113.48),
Backscatter from source-spoofed attacks? Very common, actually.. -danny > Anyone else have this happen or know of someone? > > > > > -- > been great, thanks > RandyM > a.k.a System > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
