[148782] in North American Network Operators' Group
Re: LAw Enforcement Contact
daemon@ATHENA.MIT.EDU (A. Pishdadi)
Sun Jan 22 20:31:57 2012
In-Reply-To: <CAArzuov3A_02-OaEoO2EH+jejy9OcHSBbdUe-WeHj+uNTxRTAA@mail.gmail.com>
Date: Sun, 22 Jan 2012 19:31:09 -0600
From: "A. Pishdadi" <apishdadi@gmail.com>
To: Suresh Ramasubramanian <ops.lists@gmail.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
The IP's are masked, you only see part of the IP/hostname, if there is
someone from amazon here, feel free to contact me.
The C&C is hosted at theplanet/softlayer
On Sun, Jan 22, 2012 at 7:26 PM, Suresh Ramasubramanian <ops.lists@gmail.com
> wrote:
> FBI sure - but if you have AWS servers in the mix, contact Amazon
> security first.
>
> On Mon, Jan 23, 2012 at 6:46 AM, A. Pishdadi <apishdadi@gmail.com> wrote:
> >
> > We recently tracked down a botnet that attacked our network. We found the
> > C&C server, it has approximately 40-50 servers, consisting of mostly *nix
> > machines with high speed connections, for example AWS servers or
> dedicated,
> > attack capacity is 4-5Gb/s or more. Is there any contacts with law
> > enforcement here that I can send over the info too?
>
>
>
> --
> Suresh Ramasubramanian (ops.lists@gmail.com)
>
