[55780] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: probable DDOS to 195.238.3.33

daemon@ATHENA.MIT.EDU (Martin Hannigan)
Mon Feb 10 17:13:21 2003

Date: Mon, 10 Feb 2003 17:12:05 -0500
From: Martin Hannigan <hannigan@fugawi.net>
To: "Bulger, Tim" <TBulger@ea.com>
Cc: nanog@merit.edu
In-Reply-To: <4EE2F983A19E9D4DAD0CDBC8C914ADD8013E29BF@eahq-mb3.rws.ad.ea.com>
Errors-To: owner-nanog-outgoing@merit.edu


On Mon, Feb 10, 2003 at 12:05:55PM -0800, Bulger, Tim wrote:
> 
> We're seeing packets with spoofed source addresses destined to
> 195.238.3.33 getting dropped on firewalls at several locations going
> outbound.  Googling has turned up nothing relating to that destination
> IP address.  Is anyone else seeing this?  Anyone know what it is?
> 
> Thanks,
> Tim
> 


This should help

> server ns1.skynet.be
Default Server:  ns1.skynet.be
Address:  195.238.3.17

> 195.238.3.33
Server:  ns1.skynet.be
Address:  195.238.3.17

Name:    userspool1.skynet.be
Address:  195.238.3.33

>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[55780] in North American Network Operators' Group

Re: probable DDOS to 195.238.3.33

daemon@ATHENA.MIT.EDU (Martin Hannigan)Mon Feb 10 17:13:21 2003

daemon@ATHENA.MIT.EDU (Martin Hannigan)
Mon Feb 10 17:13:21 2003