Last Updated: 2013-05-24 23:08:16 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
We have seen today a big rise of incoming packets of what appears to be a SQL Slammer attacks. Some of the detected packets are:
We have seen a sustained rate in many nodes inside AS13489 and AS27989 nodes of about 25 Mbps. Some very old SQL servers have been compromised, but the Internet speed has been compromised and navigation it's very slow.
Have you seen something like this today on your AS? Let us know!
If you have more information or corrections regarding our diary, please share.
|2013-05-24||Manuel Humberto Santander Pelaez||UDP port 1434 directed attack to AS13489 IP ranges (0 Comments)|
|2013-05-23||Adrien de Beaupre||MoVP II (1 Comments)|
|2013-05-22||Adrien de Beaupre||Privilege escalation, why should I care? (15 Comments)|
|2013-05-21||Adrien de Beaupre||Moore, Oklahoma tornado charitable organization scams, malware, and phishing (1 Comments)|
|2013-05-20||Johannes Ullrich||Ubuntu Package available to submit firewall logs to DShield (3 Comments)|
|2013-05-20||Guy Bruneau||Safe - Tools, Tactics and Techniques (0 Comments)|
|2013-05-19||Kevin Shortt||Port 51616 - Got Packets? (1 Comments)|
|2013-05-17||Daniel Wesemann||e-netprotections.su ? (3 Comments)|
|2013-05-17||Johannes Ullrich||SSL: Another reason not to ignore IPv6 (3 Comments)|
|2013-05-16||Joel Esler||Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability (1 Comments)|