Let's talk with Code Monkey-san Part.2
166 :C ◆Odemonkey. @Code Monkey ★:
Regarding today's attacks on Maguro:
A few months ago, Jim-san provided Brazil with 100 VPN accounts.
Today, a subset of those 100 VPN accounts were responsible for the attack on Maguro.
I have turned off the VPN server tonight, and tomorrow I will audit it.
I captured thousands and thousands of lines of log during the attack that look like this:
tcp4 0 0 ch2maguro.http vip20099.maido3..40747 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40745 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40744 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40742 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40741 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40739 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40738 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40729 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40728 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40726 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40724 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40722 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40721 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40718 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40709 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40708 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40706 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40703 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40701 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40700 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40697 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40696 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40695 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40692 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40687 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40682 CLOSE_WAIT
A few months ago, Jim-san provided Brazil with 100 VPN accounts.
Today, a subset of those 100 VPN accounts were responsible for the attack on Maguro.
I have turned off the VPN server tonight, and tomorrow I will audit it.
I captured thousands and thousands of lines of log during the attack that look like this:
tcp4 0 0 ch2maguro.http vip20099.maido3..40747 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40745 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40744 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40742 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40741 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40739 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40738 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40729 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40728 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40726 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40724 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40722 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40721 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40718 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40709 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40708 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40706 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40703 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40701 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40700 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40697 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40696 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40695 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40692 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40687 CLOSE_WAIT
tcp4 0 0 ch2maguro.http vip20099.maido3..40682 CLOSE_WAIT
|
|
|