Looking around, I believe the issue is that the IP has ended up on a
master game list, so we are now getting the queries directed at US.
For anyone interested, there seems to be some info here:
http://forums.steampowered.com/forums/showthread.php?t=1670090
With the packet capture I have and the symptoms looking very alike the
example in my original email.
I found an earlier example as well with similar symptoms:
http://forums.srcds.com/viewtopic/15737
Is there anyone from Activision on the list or does anyone have an
Activision contact? Replies off list welcome, I can provide more details
there.
On 6/09/2011 6:10 PM, Alexander Harrowell wrote:
On Tuesday 06 Sep 2011 09:14:26 Greg Chalmers wrote:
Could be legitimate CoD servers responding to a spoofed query?
My first thought looking at the packet dump. Interesting that some poor
sap's hotmail address is embedded in it.
How much
traffic are you talking about out of curiosity?
Regards
Greg
On Tue, Sep 6, 2011 at 6:03 PM, BH wrote:
On 6/09/2011 4:00 PM, Dobbins, Roland wrote:
I've seen DDoS traffic on UDP/80 as far back as 2002
Hi Roland,
I should be a bit more clear sorry, I too have frequently seen
attacks
on 80/udp but mainly as a source (eg. compromised hosting accounts)
rather than the destination. I didn't in the past do a packet
capture,
but I lookes at a couple of scripts and the data was usually randm
or
just AA etc. The thing that perplexed me is why it appears to be
Call of Duty data more than anything...
Thanks