[afnog] attack on 196.45.188.25 currently in progress
Randy Bush
randy at psg.com
Mon Sep 12 06:07:38 UTC 2016
> Apart from your web server, whois server, EPP port and DNS slaves, for a
> registry, nothing else should be public facing. Move your SQL server behind
> a DMZ asap. Only neonates attack from their own systems, they are probably
> using a compromised host.
this is standard
> Go offline and fix your firewall and filters before they lock you out.
it is not clear he is compromised. yet. we have no real data.
>> We are seeing an online attack on our server 196.45.188.25 in progress
>> right now, they
>> are targetting mysql services that we are running in relation to our .mw
>> registry servers.
ENODATA
randy
More information about the afnog
mailing list