Initial Publication Date: 15 Jul 2009
Advisory Status: Closed
Advisory Severity: Low
Legacy ID:
On July 7, 2009, US-CERT issued advisory CIIN-0918801 to US federal agencies stating that multiple US Government websites had been under massive Distributed Denial of Service (DDoS) attacks utilizing UDP and TCP traffic since July 4, 2009. The advisory contained a list of IP addresses from which these DDoS attacks were originating.
This attack poses no direct threat to Blue Coat end users browsing Web content because the attack generates outbound traffic rather than serving malicious Web content.
Nevertheless, the nature of this attack indicates that servers at these IP addresses have been compromised by hackers, resulting in an increased level of security risk. To protect our customers from the possibility of these compromised servers being further utilized to serve malicious Web content, Blue Coat WebFilter systems have been updated to categorize the IP addresses in the advisory list as “Suspicious”.
As always, Blue Coat Security Labs will be monitoring traffic to these IP addresses via the WebPulse community cloud. If further investigation reveals that the compromised sites have become sources of malware, then the categorization of these IP addresses will be changed to “Spyware/Malware Sources”.
Blue Coat Security Labs recommends that customers using ProxySGs as reverse proxies blacklist the IP addresses identified as initiator sites in the advisory in their firewall configuration. This action blocks the inbound traffic of the DDoS attack. The list of these sites is available in the US-CERT CIIN-0918801 advisory.
CA Advisory Reference Document: US-CERT CIIN-0918801