http://revk.www.me.uk/2013/05/unfiltered-or-not-unfiltered.html
" There is then a further, operational aspect. We have seen significant attacks since Saturday with TCP port 80 SYN floods with a variety of valid and invalid TCP options which appear to be designed to crash TCP stacks. They are working on lots of our customer to crash very old ZyXEL P660 routers where we have external access to administer the router. This is not a password attack, but an attack on the routers TCP stack and takes customers off line totally, sometimes for hours." Seems it's quite an old attack that has resurfaced in my opinion. Best regards, James Greig Nuco Technologies Ltd Unit 1 Northampton Science Park, Moulton Park Industrial Estate, Northampton, NN3 6LG Tel: 0844 745 1300 - Fax: 0844 745 1303 - email: [email protected] <mailto:[email protected]> Relevant site: http://www.host-it.co.uk <http://www.host-it.co.uk/> Group : www.nucotechnologies.com <http://www.nucotechnologies.com/> -----Original Message----- From: uknof [mailto:[email protected]] On Behalf Of Chris Bagnall Sent: 13 January 2014 12:15 To: [email protected] Subject: Re: [uknof] ADSL issues with Zyxel routers On 13 Jan 2014, at 12:06, Ian Goodall <[email protected]> wrote: > I can confirm we have also seen hundreds of ZyXEL CPE affected (on > both BTW lines and our own LLU platform) since Saturday morning. > Initial findings suggest a targeted attack against TCP/80. Thanks for that info (and to others who replied). Bit surprised it hasn't hit any of our LLU connections - only BTW at this stage... Kind regards, Chris -- This email is made from 100% recycled electrons
