What the fuck is going on /g/, there's a massive cyber attack from China
>>52266833
woah dude 5000 packets!!?? holy shit thats a ton!!! woah big and scary !!! dont hack me
>>52266833
fake and gay
![4972950302[1].png](https://i.imgur.com/ZntxQQ3.png "4972950302[1].png")
Doesn't seem to be effecting me.
On my servers I block all countries except Europe and North America.
>>52266833
update
>>52266833
You do realise that it's a fake chart? It's just graphics with random numbers, nothing else is happening.
>>52266938
>>52266849
http://map.norsecorp.com/
http://hp.ipviking.com/
denial intensifies
>>52266920
There are always massive "cyber" attacks from China. Go set up a server, any server, and see the logs be filled with Chinese bots.
>>52266833
>there's a massive cyber attack from China
again? this happens every day
>>52266969
either that or some f2p online game is massively swamped right now with china farmers
>>52266979
Thanks Pajeet
AW FUCK
>teenagers in china are launching cyber attacks at 6:30pm
>yfw these neets are getting yelled at to come to dinner while USA is asleep
>>52266833
I fucking love defcon!
FYI this is over a cellphone announcement by the chinese company LeTV made last night in Los Angeles dueing CES. The first phone to have the Snapdragon 820 processor is going to be sold by LeTV in the USA.
>>52267146
proof?
It's over NTP.
Either it's a bunch of iPhones that have been bought in the US synching up their time, or they are piggybacking their attack over NTP and trying to hit a flaw in the NTP stack.
Does apple have a data center in Roseville, USA (cali?)
>>52267233
>Utilities[edit]
The City of Roseville provides electric, water, wastewater, and solid waste services to most areas. Pacific Gas and Electric provides natural gas service. Internet, cable, and/or telephone companies that service the Roseville area include AT&T, Comcast, and Consolidated Communications.
we're gonna deduce this shit, /g/.
this has been on twitter since Dec 18 with no explanation.
>>52266833
>>52267066
Not other poster, but these actually are "fake". They operate honeypot servers, and the data you see is attacks targeting those honeypots. So the attacks are real, but the targets aren't.
>>52267259
kek
but still spamming
>falling for the >muh cyber attack bait map of a company operating in that exact field
typical EXPLOSHIUNS teenager
>>52267259
This, they are honeypots set up to show attacks.
>>52267249
The actual target is not deducable from this.
>Wells Fargo data ctr loc: Roseville, CA
Rip bank
>>52267233
NTP reflection is simple as
port 123 .:^)
Scan for some servers and then use a network with IP head modification to send the attack, Not hard.
kek, some noobs are trying to rek a honeypot
>>52267399
If they hit honey pots it's likely they just go through an ip range and attack everything they get a hold on.
>>52267249
Roseville doesn't have anything important afaik, If you drop down into Folsom just a bit south that's where the CAISO which is a pretty big target for other nation states.
>>52267314
teach me your ways, anonymous hacker
>>52267662
are you taking into account colocation exchanges?
>>52267745
lurk moar.
>>52267788
Might have some, but in relation to the CAISO no.
The entire data center for the CAISO is located in the building, in the same secure area as the main control room.
misconfigured ntp servers can be vulnerable to amplification attacks. most skiddy tools use this for DDOS. If this was a nation state ddos i doubt they would be using ntp. There are protocols that offer better amplification. I guess it possible theres an 0day ntp thats being exploited but I highly doubt that. I cant see a reason to hack a bunch of ntp servers.
>>52266833
China Republic jusr released a new ddos tool that some people may be using.
http://blog.malwaremustdie.org/2016/01/mmd-0048-2016-ddostf-new-elf-windows.html
http://www.ddos.tf/index.html?jdfwkey=mwtuu2
>>52266979
Pure gold.
>>52266833
>there's a massive cyber attack from China
NO
There's
Not
What we hhave is a bunch of skiddies scanning the interwebs (as they do each day) and being drawn into a nice big honeypot server on the west coast.
That.
Is.
All.
(Stop making these threads - they are both monotonous and boring)
For those interested.
http://map.norsecorp.com/
>>52268253
care to explain?
a honeypot for what?
pedo?
>>52266833
>believing le tactical attack maps
There was a good article a while back about exactly how retarded these maps were but I can't be assed to look it up for you. Just delete thread and stop getting rused by cybersec marketing.
>>52267072
underrated post
HP own ipviking now?
>>52268131
>blog.malwaremustdie
that sounds like a reliable website
>>52270060
no homo the vikings use hp ipads, erm... helicopters
>>52266967
so there seems to be something going on with NTP lately...
>>52269905
If I remember right, its redirected from real servers to fake "honeypot" servers as a defense measure
>>52266915
This. I do this EVERY, FUCKING, TIME
>>52270111
your trips sounds about right, like a balance of charges in the data.
usually a honeypot is a server you're using to get information on the attackers. You set up what looks like a vulnerable target, but you're monitoring connections to it, as well as attack methods the attacker is using. It's useful for learning more about who you might be up against, not so much for preventing DDoS.
