28 Jan
2020
28 Jan
'20
6:28 a.m.
On 28 Jan 2020, at 18:15, Octolus Development wrote:
The problem is that they are spoofing our IP, to millions of IP's running port 80.
So that does in fact sound like a TCP reflection/amplification attack. If you have the relevant information, as it seems that you do, you can ask operators to perform traceback (they'll likely need timestamps). Hopefully, some operators will read this thread and begin looking into it, as well. -------------------------------------------- Roland Dobbins <roland.dobbins@netscout.com>