[AusNOG] UDP based HTTP attack?
Matt Richards
matt at shakesbeare.com
Sun Sep 20 10:04:12 EST 2015
One of our servers had an insecure NTP config, and it was being used in
a DDoS attack to udp/80.
Matt.
On 20/09/2015 12:01 p.m., Joseph Goldman wrote:
> Hi *,
>
> One of my webservers just went under DDoS attack so before
> blackholing the IP I decided to capture some traffic - At a quick
> glance I could see it was port 80 but after firing up wireshark I saw
> it was all UDP - is it common to send UDP payloads to Port 80? I was
> hoping to get the URI in the request to know which site in particular
> was getting targeted, but oh well.
>
> Thanks,
> Joe
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list