[Pool] DDOS protection check?
bakers at canbytel.com
Mon Feb 10 16:58:02 UTC 2014
On 02/10/2014 08:49 AM, Brian Rak wrote:
> Your servers both look okay. What did the email say?
This is the email that came in this weekend. Not sure when it supposedly
> Dear Admin, The following IP address, 188.8.131.52, which is located
> on your network has been actively exploited to launch launch a
> distributed denial of service attack against one or more IP addresses
> in the ranges of 184.108.40.206/29, and/or 220.127.116.11/29. The
> attack was detected as NTP Amplification, and the CVE on the exploited
> vulnerability can be found here:
> http://www.cvedetails.com/cve/CVE-2013-5211/. Please patch, or notify
> your customer to patch this vulnerability to help make the internet a
> better place for us all. If you require any other information, such as
> TCP Dump logs from the attack, please contact me at xnite at xnite.org
> THIS EMAIL IS NOT ACTIVELY MONITORED, DO NOT REPLY TO THIS EMAIL!!.
Scott Baker - Canby Telcom
System Administrator - RHCE - 503.266.8253
More information about the pool