Out of curiosity -
Is it possible it's a command and control network, rather than
directly an attack?
On Wed, Mar 7, 2012 at 2:41 PM, Chris Stone wrote:
> On Wed, Mar 7, 2012 at 1:45 PM, Matthew Huff wrote:
>> Anyone else see a massive increase of scanning/dos with TCP source and/or
>> dst por
On Wed, Mar 7, 2012 at 1:45 PM, Matthew Huff wrote:
> Anyone else see a massive increase of scanning/dos with TCP source and/or
> dst port of 0? We started seeing a massive increase today creating some
> issue with our firewalls.
Not seeing a ton of them, but do see a few logged on most all of ou
On 03/07/2012 01:29 PM, Christopher Morrow wrote:
> On Wed, Mar 7, 2012 at 3:45 PM, Matthew Huff wrote:
>> Anyone else see a massive increase of scanning/dos with TCP source and/or
>> dst port of 0? We started seeing a massive increase today creating some
>> issue with our firewalls.
> srs/dst of
On Wed, Mar 7, 2012 at 3:45 PM, Matthew Huff wrote:
> Anyone else see a massive increase of scanning/dos with TCP source and/or
> dst port of 0? We started seeing a massive increase today creating some
> issue with our firewalls.
srs/dst of 0 as measured how? (tcpdump? netflow? app logs?)
I just scanned through the last 48 hours of logs and did not find anything.
We are peering with Level3 (AS 3549) and Verizon (AS 11486).
--
Michael Gatti
main. 949.371.5474
(UTC -8)
On Mar 7, 2012, at 12:45 PM, Matthew Huff wrote:
> Anyone else see a massive increase of scanning/dos with T
Anyone else see a massive increase of scanning/dos with TCP source and/or
dst port of 0? We started seeing a massive increase today creating some
issue with our firewalls.
Matthew Huff | 1 Manhattanville Rd
Director of Operations | Purchase, NY 10577
OTA Management L
6 matches
Mail list logo