[nsp-sec] ACK AS209 new storm campagn

[Smith, Donald]

I provided timestamps to Sara.
This is active NOW. At least the ones I looked at were all already
acting as P2P peer nodes based on today's netflow records.



RM=for(1)
{manage_risk(identify_risk(product[i++]))}
Donald.Smith at qwest.com giac 

> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net 
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of 
> Jose Nazario
> Sent: Tuesday, February 12, 2008 10:43 AM
> To: Roper, Sara
> Cc: nsp-security NSP
> Subject: Re: [nsp-sec] ACK AS209 new storm campagn
> 
> ----------- nsp-security Confidential --------
> 
> On Tue, 12 Feb 2008, Roper, Sara wrote:
> 
> > ACK AS209 - Any chance of obtaining a timestamp?
> 
> a few folks have asked about timestamps. sadly, tehre are 
> none. this is 
> the peerlist that the sample ships with to bootstrap itself into the 
> network. look for traffic to those ports on those boxes, they 
> may or may 
> not still be live, or they could be duds and dummies to begin with.
> 
> -------------------------------------------------------------
> jose nazario, ph.d.     <jose at arbor.net>
> security researcher, office of the CTO,  arbor networks
> v: (734) 821 1427 	      http://asert.arbornetworks.com/
> 
> 
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
> 
> Please do not Forward, CC, or BCC this E-mail outside of the 
> nsp-security
> community. Confidentiality is essential for effective 
> Internet security counter-measures.
> _______________________________________________
> 


This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly 
prohibited and may be unlawful.  If you have received this communication 
in error, please immediately notify the sender by reply e-mail and destroy 
all copies of the communication and any attachments.