[AusNOG] NTP reflection used for world's largest DDoS

Nathan Brookfield Nathan.Brookfield at simtronic.com.au
Wed Feb 12 15:15:03 EST 2014


We've had some customers boxes through UECOMM IP transit compromised this morning, only small links but they're certainly going hard.  A few clients run Zimbra which is VMWare's mail server and it appears to have NTP open by default.

From: AusNOG [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Joshua D'Alton
Sent: Wednesday, 12 February 2014 3:03 PM
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] NTP reflection used for world's largest DDoS

And looks like another one is running, level3 seems totally decimated at the moment, 100ms+ on usual routes.

On Tue, Feb 11, 2014 at 2:51 PM, Daniel Watson <daniel at glovine.com.au<mailto:daniel at glovine.com.au>> wrote:
http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes-us-europe.aspx

What is the world coming too.

D.

_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140212/c907576a/attachment-0001.html>


More information about the AusNOG mailing list