Servers offline?
Posted: Wed Jan 11, 2012 12:17 pm
Red square, and 0/0 on GT.
How come?
Tremulous server
http://trem.rotaxmame.cz/subdom/trem/
http://trem.rotaxmame.cz/subdom/trem/viewtopic.php?f=5&t=1146
Your IP 46.28.108.190 attacked xat.com with udp packets as part of a
co-ordinated DDOS attack.
If you are running a game server this may be useful:
There is a known exploit with the "quake engine" used by various FPS type
games.
Your server may be being used for a Distributed Reflection Denial of
Service attack, e.g.:
- Attacker spoofs some packets (with our server IP) and asks gameserver to
send all server information (about 2k of data)
- Gameserver sends all server information (500k of data)
- Attacker repeats for thousands of gameservers
If you are running a DNS server it may be being used for a reflection
attack. This may be useful:
http://www.shortestpathfirst.net/2009/1 ... g-attacks/
Please contact me to confirm that you have addressed this matter and that
action will be taken against your customer/compromised machine and this
server will be taken down to prevent a repeat of this illegal activity.
Your IP 46.182.120.203 attacked wrestlinghub with udp packets as part of a
co-ordinated DDOS attack.
Estimated bandwidth: 426 Mb/s
I need you to contact me to confirm that you have addressed this matter and
that action will be taken against your customer/compromised machine and this
server will be taken down to prevent a repeat of this illegal activity.
I look forward to hearing from you as a matter of urgency.
Richard
xat.com
Your IP 188.138.116.207 attacked xat.com with udp packets as part of a
co-ordinated DDOS attack.
Estimated bandwidth: 4 Mb/s
We got this from another host and it might prove useful:
"After investigation we found out that the attacker exploited a
vulnerability in the Call of Duty 2 server code, which is, as of now, still
not patched by Activision. We're looking into filtering this specific type
of traffic outgoing until the developers come up with a fix
One of them is running Windows Server 2008, and I got an email this morning that it was being used in a coordinated DDOS attack using UDP 1500 Byte packets against xat.com (217.23.3.215).
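
A mitigation for the reflection pattern described in the abuse report quoted in this thread, as an added example that is not part of the thread or of any game server's own code: a token bucket on status replies, keyed by the claimed source address. The reply size, bucket parameters and addresses are assumptions, and the traffic is constructed.

```python
# Added example: per-address token bucket for status replies (constructed data).
REPLY_BYTES = 1500  # assumed size of one status reply, in bytes


class StatusReplyLimiter:
    """Token bucket keyed by the claimed source address of a status query.

    With spoofed queries the claimed source is the victim, so this caps how
    much traffic the server can be made to reflect at any one address.
    Integer milliseconds and milli-tokens keep the arithmetic exact.
    """

    def __init__(self, burst=5, refill_per_sec=1):
        self.capacity = burst * 1000
        self.refill = refill_per_sec  # milli-tokens gained per millisecond
        self.buckets = {}             # ip -> (milli_tokens, last_ms)

    def allow(self, src_ip, now_ms):
        tokens, last_ms = self.buckets.get(src_ip, (self.capacity, now_ms))
        tokens = min(self.capacity, tokens + (now_ms - last_ms) * self.refill)
        allowed = tokens >= 1000      # one reply costs one whole token
        if allowed:
            tokens -= 1000
        self.buckets[src_ip] = (tokens, now_ms)
        return allowed


def bytes_reflected(queries, limiter=None):
    """Return {claimed_src: bytes sent} for (time_ms, claimed_src) queries."""
    sent = {}
    for now_ms, src in sorted(queries):
        if limiter is None or limiter.allow(src, now_ms):
            sent[src] = sent.get(src, 0) + REPLY_BYTES
    return sent


def sample_queries():
    """Constructed traffic: 10 s of spoofed queries plus one real client."""
    spoofed = [(i * 10, "192.0.2.10") for i in range(1000)]   # 100 queries/s
    browser = [(i * 2000, "198.51.100.7") for i in range(5)]  # one every 2 s
    return spoofed + browser


if __name__ == "__main__":
    print("unlimited:", bytes_reflected(sample_queries()))
    print("limited:  ", bytes_reflected(sample_queries(), StatusReplyLimiter()))
```

The limiter leaves the real client untouched while cutting replies toward the spoofed address to the burst plus the refill rate; it does not stop a flood spread across many claimed addresses, which needs a global cap or upstream egress filtering.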