On Tuesday 06 Sep 2011 09:14:26 Greg Chalmers wrote:
Could be legitimate CoD servers responding to a spoofed query?
My first thought looking at the packet dump. Interesting that some poor sap's hotmail address is embedded in it.
How much traffic are you talking about out of curiosity?
Regards Greg
On Tue, Sep 6, 2011 at 6:03 PM, BH <lists@blackhat.bz> wrote:
On 6/09/2011 4:00 PM, Dobbins, Roland wrote:
I've seen DDoS traffic on UDP/80 as far back as 2002 Hi Roland,
I should be a bit more clear sorry, I too have frequently seen attacks on 80/udp but mainly as a source (eg. compromised hosting accounts) rather than the destination. I didn't in the past do a packet capture, but I lookes at a couple of scripts and the data was usually randm or just AAAAAA etc. The thing that perplexed me is why it appears to be Call of Duty data more than anything...
Thanks
-- The only thing worse than e-mail disclaimers...is people who send e-mail to lists complaining about them