[nsp-sec] comcast: botnet C&C in your space
Walker, Severin
Severin_Walker at cable.comcast.com
Tue Jul 8 08:41:19 EDT 2008
This was cleaned and sent to the appropriate team for take-down.
Thanks
---------
Severin Walker
Engineer II - Comcast Anti-Abuse Technologies
Desk: 215-286-5618 - Cell: 609-352-2191
severin_walker at cable.comcast.com
This message and any attachments to it contain information exclusively
for intended recipients. If you are not an intended recipient, please
contact the sender to report the error and then delete all copies of
this message from your system.
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Jose Nazario
Sent: Monday, July 07, 2008 9:48 AM
To: nsp-security NSP
Subject: [nsp-sec] comcast: botnet C&C in your space
----------- nsp-security Confidential --------
* C&C Server: 69.143.67.2:56213
* Server Password:
* Username: ragnub
* Nickname: USA|0101
* Channel: #pedoz#
* Channel topic: :~download.wget
http://www.ideumcommunications.com/portfolio/web_budo/fsck.exe fsck.exe
1
buzzed.opendns.be A 69.143.67.2
funnyshit.opendns.be A 69.143.67.2
2.67.143.69.in-addr.arpa PTR
c-69-143-67-2.hsd1.md.comcast.net
AS | IP | AS Name
33657 | 69.143.67.2 | DNEO-OSP7 - Comcast Cable Communications,
Inc.
FYI ...
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
security researcher, office of the CTO, arbor networks
v: (734) 821 1427 http://asert.arbornetworks.com/
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list