Where does it say we need to contact home cert instead on your website ? verification of what ? HSOFT ranges have been compromised by NTP reflection attacks and the NTP servers hosted by HSOFT need to have a NTP update.
This has been discussed on NANOG and I also sent information in Chinese to aid debug as well. Have had no response from HSOFT… Colin > Begin forwarded message: > > From: "cncertcc" <[email protected]> > Subject: Re:Fwd: port 123 reflection attacks > Date: 30 December 2015 at 08:15:28 GMT > To: "Colin Johnston" <[email protected]> > > Greetings, > Please forward the case to the corresponding CERT you are located in first to > have it transferred to CNCERT after verification. Thanks for your > understanding. > > > > > > > ------------------ > > Thanks and Regards > CNCERT/CC > -------------------------------------------------------- > 国家互联网应急中心 > National Computer network Emergency Response technical Team / Coordination > Center of China > Tel:+8610-82991000 fax:+8610-82990375 > email: [email protected] website:www.cert.org.cn > Address: A3 Yumin Road, Chaoyang District, Beijing,100029, China > -------------------------------------------------------- > > > > ------------------ Original ------------------ > From: "Colin Johnston"<[email protected]>; > Date: Fri, Dec 25, 2015 07:31 PM > To: "cncertcc"<[email protected]>; > Cc: "Colin Johnston"<[email protected]>; > Subject: Fwd: port 123 reflection attacks > > > >> Begin forwarded message: >> >> From: Colin Johnston <[email protected] <mailto:[email protected]>> >> Subject: Fwd: port 123 reflection attacks >> Date: 25 December 2015 at 11:27:02 GMT >> To: [email protected] <mailto:[email protected]>, >> [email protected] <mailto:[email protected]> >> Cc: Colin Johnston <[email protected] <mailto:[email protected]>> >> >> Can you investigate with priority please >> >> Colin >> >> >>> Begin forwarded message: >>> >>> From: Colin Johnston <[email protected] <mailto:[email protected]>> >>> Subject: port 123 reflection attacks >>> Date: 25 December 2015 at 11:19:26 GMT >>> To: [email protected] <mailto:[email protected]>, [email protected] >>> <mailto:[email protected]> >>> Cc: Colin Johnston <[email protected] <mailto:[email protected]>> >>> >>> please stop the port 123 reflection attacks from 115.47.24.220 >>> >>> Colin >>> >> >
