[157954] in North American Network Operators' Group
new clueless security softwhere
daemon@ATHENA.MIT.EDU (Randy Bush)
Sat Nov 17 03:42:48 2012
Date: Sat, 17 Nov 2012 15:42:20 +0700
From: Randy Bush <randy@psg.com>
To: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
new crapware on the misconfigured loose. did we not just have a thread
on frags? how long will it take the amateurs to learn about port 53?
sigh
randy
Date: Sat, 17 Nov 2012 16:15:23 +0800
To: randy@psg.com
From: Security Ops Center <security@communilink.net>
Subject: Network abuse from attacker: 147.28.0.39 to 203.124.10.107(ID# 86329)
Message-ID: <dda9f857e37eff2f1c53e3d60dcb12f6@localhost.localdomain>
Dear Sir,
We detected an attack/abuse to our network that come from an IP owned by your ASN.
The IP of your network [ 147.28.0.39 ] was infected and sending attack to our network [ 203.124.10.107 ].
The following is the logs that you can take proper actions. [TimeZone: GMT +8]
==================================================
2012-11-17 20:21:30 Fragmented traffic! From 147.28.0.39:53 to 203.124.9.11:56958,
2012-11-17 20:37:56 Fragmented traffic! From 147.28.0.39:53 to 203.124.10.223:39843,
2012-11-17 20:37:56 Fragmented traffic! From 147.28.0.39:3600 to 203.124.10.223:20678,
...
<hundreds of more lines>
==================================================
Should you have any questions, please call us at +(852) 29980833.
Please include the ticket number, ID#86329, in all communications on this issue.
Thank you,
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Security Ops Center - CommuniLink Internet Limited.
security@communilink.net
http://www.communilink.net
852.2998.0833 (voice) 852.2998.0899 (fax)
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
