[89517] in North American Network Operators' Group
Re: Ongoing DDoS helped by non responsive abuse desks
daemon@ATHENA.MIT.EDU (Steve Linford)
Thu Mar 23 16:27:50 2006
In-Reply-To: <683c90650603230754w47c63873l@mail.gmail.com>
From: Steve Linford <linford@spamhaus.org>
To: nanog@merit.edu
Date: Thu, 23 Mar 2006 21:27:16 +0000
Errors-To: owner-nanog@merit.edu
On 23 Mar 2006, at 16:54, Martin Lathoud wrote:
> One of our web servers got hammered by ~5K req/s for hours from
> browsers with the following referer:
> http://www.freewebs.com/ihatespammers/nospam.html
> Both freewebs.com and their network provider Cogent has been contacted
> without any visible result
I found freewebs very responsive, I emailed them and they shut the
site down instantly.
It's likely the originators of the DDOS are the Yambo gang out of
Ukraine. Other hosts involved in this attack are located on Chinese
IPs we know to be under the control of Yambo...
http://www.spamhaus.org/rokso/listing.lasso?-op=cn&spammer=Yambo%
20Financials
Steve Linford
The Spamhaus Project
http://www.spamhaus.org
