Attacked IP: 50.7.190.60
Country: Netherlands
Attack started: 2013-05-01 03:16:46
Attack stopped: 2013-05-01 04:11:49
Duration: 55 minute(s)
Query Rate: 0.51 per minute
Detected a query rate below 1 per minute. Either a low query attack or there was a long break between bursts See chart for more details.
with AS number: AS5580 which operates from: NL
Details of the DNS Amplification attack:
Requested DNS record: directedat.asia
Query count: 28
Following DNS query ID's observed:
- 0x7e8d 14
- 0x8d3d 14
Query size in bytes: 2408
Response size in bytes: 2408
TotalBandwidth in bytes: 4816
Amplification: 0%
All observed queries were made with a TTL of: 247
Because of this I think the attack was most likely performed from a single host rather than by a botnet.
Unique query UDP source ports observed: 28
No comments:
Post a Comment