Friday, September 07, 2007

Oops, guess I pissed off Storm! :)

I started playing with the Storm DNS today, not realizing how quickly I was querying the domains.

The DDoS took me offline for about 2 hours today before it was mitigated.



The DDoS was ~6Mbps, with spikes between 10 and 12 Mbps. It consisted of both SYN packets to random ports as well as ICMP with the payload "abcdefghijklmnopqr".



I was able to self-mitigate down to 2-3Mbps, but the spikes still kept me off the net. My ISP was able to completely mitigate the attack and wished me well.


I took a few minutes and ran tcpdump - mostly to figure out how to identify the ICMP payloads. In about five minutes' time I captured 1,983,749 packets generated by 1605 unique IP addresses.

This attack was just enough to get my attention. The network's full power was not flexed and I was back online fairly quickly. He could have made it much worse for me. This guy is experienced, there is no question - frankly, I'm excited!

NOTE: The DDoS attack was on my Honeypot IP. Not the website.
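
The post describes capturing with tcpdump to identify the ICMP payloads and then counting packets and unique sources. As an added example (not the author's code), this Python function does that tally over a saved classic pcap file; the function names, the documentation-range addresses and the constructed sample capture are assumptions made for illustration.

```python
import struct
from collections import Counter

SIGNATURE = b"abcdefghijklmnopqr"  # ICMP payload quoted in the post

def icmp_signature_sources(pcap, signature=SIGNATURE):
    """Count signature-bearing ICMP packets per source IP (little-endian Ethernet pcap)."""
    magic, *_, linktype = struct.unpack_from("<IHHiIII", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected little-endian Ethernet pcap")
    hits, off = Counter(), 24                      # records follow the 24-byte file header
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from("<I", pcap, off + 8)[0]
        frame = pcap[off + 16: off + 16 + caplen]
        off += 16 + caplen
        if len(frame) < 34 or frame[12:14] != b"\x08\x00":
            continue                               # truncated or not IPv4
        ip = frame[14:]
        ihl = (ip[0] & 0x0F) * 4                   # IP header length in bytes
        frag = struct.unpack_from("!H", ip, 6)[0] & 0x1FFF
        if ip[9] != 1 or frag or len(ip) < ihl + 8:
            continue                               # not ICMP, a later fragment, or truncated
        if ip[ihl + 8:].startswith(signature):     # data after the 8-byte ICMP header
            hits[".".join(map(str, ip[12:16]))] += 1
    return hits

def _frame(src, proto, payload):
    """Constructed Ethernet/IPv4 frame for the demo; checksums left at zero."""
    body = (struct.pack("!BBHHH", 8, 0, 0, 1, 1) + payload) if proto == 1 else payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto, 0,
                     bytes(map(int, src.split("."))), bytes([192, 0, 2, 10]))
    return b"\x00" * 12 + b"\x08\x00" + ip + body

def sample_pcap():
    """Constructed capture: three signature packets, one other ICMP, one TCP."""
    frames = [_frame("198.51.100.7", 1, SIGNATURE),
              _frame("203.0.113.9", 1, SIGNATURE),
              _frame("198.51.100.7", 1, SIGNATURE),
              _frame("198.51.100.7", 1, b"ordinary-ping-data"),
              _frame("203.0.113.20", 6, b"\x00" * 20)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

if __name__ == "__main__":
    hits = icmp_signature_sources(sample_pcap())
    print(sum(hits.values()), "packets from", len(hits), "sources:", dict(hits))
```

To run it on a real capture, pass the bytes of a file written with `tcpdump -w`; captures in pcapng or with a non-Ethernet link type are rejected rather than misparsed.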

1 Comment:

Blogger Shiny Butter Knife said...

O.O
sounds like something out of one of those futuristic tech stories. good luck, mate.

04 October, 2007 17:17  
