Attacked IP: 70.127.17.254
Country: United States
Start: 2013-05-17 17:14:15
End: 2013-05-17 17:15:49
Duration: 1 minute(s)
Average query rate: 503 per minute
Requested DNS record: isc.org
Query count: 503
IPrange: 70.126.0.0/15
AS Number: RR-Route
ISP: AS13343
IP has a reverse DNS value of: 70-127-17-254.res.bhn.net
This IP was only seen today
Observed 1 attack:
- Attack 1 from 17:00 till 18:00
Requested DNS record: isc.org
Query count: 503
Start: 2013-05-17 17:14:15
End: 2013-05-17 17:15:49
Duration: 1 minute(s)
Average query rate: 503 per minute
All request were made with the DNS id: 0x1d42 / 7490
Average query size: 78 bytes
Average response size: 325 bytes
Amplification: 165%
Total query size: 39234 bytes / 38 kilobytes
Response size: 104287 bytes / 101 kilobytes
TotalBandwidth: 143521 bytes / 140 kilobytes
All observed queries were made with a TTL of: 106
Because of this I think the attack was most likely performed from a single host rather than by a botnet.
All request were made with a UDP source port of: 49940
No comments:
Post a Comment