Attacked IP: 24.10.124.228
Country: United States
Start: 2013-05-18 08:52:08
End: 2013-05-18 08:54:21
Duration: 2 minute(s)
Average query rate: 229 per minute
Requested DNS record: isc.org
Query count: 458
IPrange: 24.10.0.0/17
AS Number: Comcast Cable Communications, Inc.
ISP: AS33651
IP has a reverse DNS value of: c-24-10-124-228.hsd1.ca.comcast.net
This IP was only seen today
Observed 1 attack:
- Attack 1 from 8:00 till 9:00
Requested DNS record: isc.org
Query count: 458
Start: 2013-05-18 08:52:08
End: 2013-05-18 08:54:21
Duration: 2 minute(s)
Average query rate: 229 per minute
All request were made with the DNS id: 0x1d42 / 7490
Average query size: 78 bytes
Average response size: 325 bytes
Amplification: 316%
Total query size: 35724 bytes / 34 kilobytes
Response size: 148850 bytes / 145 kilobytes
TotalBandwidth: 184574 bytes / 180 kilobytes
All observed queries were made with a TTL of: 116
Because of this I think the attack was most likely performed from a single host rather than by a botnet.
All request were made with a UDP source port of: 49940
No comments:
Post a Comment