[nsp-sec] 1Million Botnet Ips
Stephen Gill
gillsr at cymru.com
Tue Jul 8 11:16:33 EDT 2008
Not to my knowledge, but I didn't generate the data. I'd recommend checking
w/ cert.at for confirmation.
-- steve
On 7/8/08 12:48 AM, "Andreas Bunten" <bunten at dfn-cert.de> wrote:
> Stephen Gill schrieb:
>
>> Cert.at has assembled an excellent report on the nadnadzzz.info botnet along
>> with a large list of compromised IPs! They have put together an analysis
>> summary and individual report files of compromised hosts sorted by ASN at
>> the following location:
> (...)
>
> Hi,
>
> is there maybe a problem with the timestamps?
>
> One of our sites had only one timestamp in the dataset: 21:52 GMT+02
> They only saw flows to the C&C between 22:41:36.601 and 23:29:34.815
> (also GMT+02)
>
> Regards,
> andreas-b, as 680 (German research network)
--
Stephen Gill, Chief Scientist, Team Cymru
http://www.cymru.com | +1 312 924 4023 | gillsr at cymru.com
More information about the nsp-security
mailing list