Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- This ticket was created due to an Incoming Severity 2 network event for IP address 96.43.131.74, which is currently assigned to you. This event was detected on 2014-12-22 at 9:20:00 CST. Included in this ticket is a summary of the event.
- Please note our policy for network events that affect other customers:
- Network events that affect other customers on our network are considered a violation of our AUP and TOS. We understand that you may not have directly cause the event, however you are still responsible for any and all traffic from or directed at the IP addresses we have assigned to you. If this event affects other customers, corrective or preventative action needs to be taken or we reserve the right to terminate your service.
- Each network event has a severity level and corresponding number:
- Severity 1 - warning sent
- Severity 2 - warning sent / 2 hour null route put in place
- Severity 3 - warning sent / 12 hour null route put in place
- Severity 4 - warning sent / 24 hour null route put in place / Account review by security analyst
- Based on the severity of the event, the following action was taken:
- The IP address has been null routed for 2 hours.
- Here is a summary of the flows to your IP during the event:
- ================================================
- Top 10 flows by packets per pecond for dst IP: 96.43.131.74
- Duration Proto Src IP Addr Src Pt Dst Pt Packets pps bps
- 0.005 UDP 110.103.67.175 1900 80 3072 614400 1.7 G
- 0.006 UDP 182.41.77.104 1900 80 3072 512000 1.4 G
- 0.006 UDP 59.187.223.218 1900 80 3072 512000 1.4 G
- 0.006 UDP 106.125.145.210 1900 80 3072 512000 1.5 G
- 0.004 UDP 124.236.104.195 1900 80 2048 512000 1.4 G
- 0.004 UDP 92.97.235.164 1900 80 2048 512000 1.5 G
- 0.007 UDP 111.132.63.125 1900 80 3072 438857 1.2 G
- 0.007 UDP 222.173.120.202 1900 80 3072 438857 1.2 G
- 0.005 UDP 113.124.166.99 1900 80 2048 409600 1.2 G
- 0.005 UDP 24.43.5.178 1900 80 2048 409600 1.2 G
- Top 10 flows by flows per second for dst IP: 96.43.131.74
- Duration Proto Src IP Addr Src Pt Dst Pt Packets pps bps
- 35.085 UDP 66.42.151.223 1900 80 8192 233 657975
- 0.641 UDP 87.103.193.191 1900 80 8192 12780 35.8 M
- 218.288 UDP 216.196.192.138 1900 80 8192 37 107068
- 201.621 UDP 96.61.98.52 1900 80 8192 40 114050
- 219.065 UDP 69.131.245.206 1900 80 7168 32 96517
- 221.794 UDP 85.109.131.163 1900 80 7168 32 83436
- 221.303 UDP 64.144.93.150 1900 80 7168 32 91432
- 221.386 UDP 85.99.100.102 1900 80 7168 32 86069
- 224.429 UDP 67.141.50.225 1900 80 6144 27 79025
- 1.300 UDP 50.121.101.20 1900 80 6144 4726 12.7 M
- Top 10 flows by bits per second for dst IP: 96.43.131.74
- Duration Proto Src IP Addr Src Pt Dst Pt Packets pps bps
- 0.005 UDP 110.103.67.175 1900 80 3072 614400 1.7 G
- 0.004 UDP 92.97.235.164 1900 80 2048 512000 1.5 G
- 0.006 UDP 106.125.145.210 1900 80 3072 512000 1.5 G
- 0.004 UDP 124.236.104.195 1900 80 2048 512000 1.4 G
- 0.006 UDP 182.41.77.104 1900 80 3072 512000 1.4 G
- 0.006 UDP 59.187.223.218 1900 80 3072 512000 1.4 G
- 0.007 UDP 111.132.63.125 1900 80 3072 438857 1.2 G
- 0.007 UDP 222.173.120.202 1900 80 3072 438857 1.2 G
- 0.005 UDP 106.114.192.15 1900 80 2048 409600 1.2 G
- 0.005 UDP 42.2.27.211 1900 80 2048 409600 1.2 G
- ================================================
- Additional Resources:
- What is a DDoS attack?
- http://en.wikipedia.org/wiki/Distributed_denial_of_service#Distributed_attack
- What is a null route?
- http://en.wikipedia.org/wiki/Distributed_denial_of_service#Blackholing_and_sinkholing
- What are network flows?
- http://en.wikipedia.org/wiki/Packet_flow
- What can be done to prevent this?
- If you are receiving attacks we recommend that you purchase reverse proxy protection services. This product would have to be purchased and configured through a third party company.
- http://en.wikipedia.org/wiki/Reverse_proxy
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
