Recently, we have detected a DDOS attack from
Based on the source port number, this likely indicates an open DNS resolver on your network. Open resolvers are very commonly abused to conduct DDOS attacks. Please see or for more information.
We would ask that you either limit access to this resolver to prevent it from being abused, or implement one of the patches described on or . If you are not sure how to do this, we have some instructions available at
You can confirm this host is vulnerable by running the following command:
If you see a valid response, this is proof that the machine is vulnerable and actively being used to conduct DDOS attacks. Please note that it's possible this machine has rate limits to help prevent abuse. We're unable to confirm if that's the case, but we can tell you with certainty this machine has been involved in an attack against us.
Our detection systems automatically merge duplicate log entries, however we have the following records:
[2014-12-15 11:52:36 GMT] IP > UDP, length 132743168, packets 32768
If you have any questions about this report, please let us know:
The recipient address of this report was provided by the Abuse Contact DB by does not maintain the content of the database. All information which we pass out, derives from the RIR databases and is processed for ease of use. If you want to change or report non working abuse contacts please contact the appropriate RIR. If you have any further question, contact directly via email ( Information about the Abuse Contact Database can be found here: is neither responsible nor liable for the content or accuracy of this message.

The user in question was still signed in to one of our public IPs he is apparently infected with malware. We have added a firewall rule to mitigate anymore potential damage caused by his infection and will contact him with a link to this ticket.

Also Read

IP addresses(es) were blacklisted from the PlayStation Network
To whom it may concern, Pursuant to Sony Network Entertainment International LLC ("SNEI")...
DoS attack from the LiquidVPN Network
Dear Provider I’m George Egri, the Co-Founder and CEO of BitNinja Server Security. I’m writing to...
Request to Help Block DDoS Attacks
Hi,at our ecommerce we are experiencing a lot of traffic coming from various ip that belongs to...
Network attack received from an IP on your network
Hi, We have detected a network attack from an IP ( Redacted ) from your network, a computer...
UK SPAM Static IP Server
X-Originalarrivaltime: 25 Jul 2014 15:11:43.0391 (UTC) FILETIME=[BE648AF0:01CFA81A] MIME-Version:...