[Pool] DDOS protection check?

Scott Baker bakers at canbytel.com
Mon Feb 10 16:58:02 UTC 2014


On 02/10/2014 08:49 AM, Brian Rak wrote:
> Your servers both look okay.  What did the email say?

This is the email that came in this weekend. Not sure when it supposedly
occurred though.

>
> Dear Admin, The following IP address, 65.182.224.39, which is located
> on your network has been actively exploited to launch launch a
> distributed denial of service attack against one or more IP addresses
> in the ranges of 108.170.21.34/29, and/or 184.164.158.160/29. The
> attack was detected as NTP Amplification, and the CVE on the exploited
> vulnerability can be found here:
> http://www.cvedetails.com/cve/CVE-2013-5211/. Please patch, or notify
> your customer to patch this vulnerability to help make the internet a
> better place for us all. If you require any other information, such as
> TCP Dump logs from the attack, please contact me at xnite at xnite.org
> THIS EMAIL IS NOT ACTIVELY MONITORED, DO NOT REPLY TO THIS EMAIL!!. 

-- 
Scott Baker - Canby Telcom 
System Administrator - RHCE - 503.266.8253



More information about the pool mailing list