[191698] in North American Network Operators' Group
Re: IP addresses being attacked in Krebs DDoS?
daemon@ATHENA.MIT.EDU (Damian Menscher via NANOG)
Sun Sep 25 18:42:09 2016
X-Original-To: nanog@nanog.org
In-Reply-To: <201609252009.OAA17053@mail.lariat.net>
Date: Sun, 25 Sep 2016 15:40:58 -0700
To: Brett Glass <nanog@brettglass.com>
From: Damian Menscher via NANOG <nanog@nanog.org>
Reply-To: Damian Menscher <damian@google.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sun, Sep 25, 2016 at 1:01 PM, Brett Glass <nanog@brettglass.com> wrote:
> As an ISP who is pro-active when it comes to security, I'd like to know
> what IP address(es) are being hit by the Krebs on Security DDoS attack. If
> we know, we can warn customers that they are harboring infected PCs and/or
> IoT devices. (And if all ISPs did this, it would be possible to curtail
> such attacks and plug the security holes that make them possible.)
>
130.211.45.45 (it's just the one IP, not DNS-balanced).
Thanks for your interest in cleaning up your infected customers! 10,000
ASNs to go....
Damian
--
Damian Menscher :: Security Reliability Engineer :: Google :: AS15169
