[nsp-sec] CN-Cert to help out msnbc? :)
Chris Morrow
morrowc at ops-netman.net
Thu Mar 20 14:47:40 EDT 2008
this calls:
count.lljy.org
which looks like it's at dreamhost and has some nice exe's on it, among
other things... anyone know a POC at dreamhost? :)
-Chris
On Thu, 20 Mar 2008, Chris Morrow wrote:
> ----------- nsp-security Confidential --------
>
>
> Could the CN-Cert folks squish a domain name used for some
> web-based-malware? (the msnbc.com .js inject websense posted about
> yesterday)
>
> Domain Name: 2117966.NET
> Registrar: HICHINA WEB SOLUTIONS (HONG KONG) LIMITED
> Whois Server: grs.hichina.com
> Referral URL: http://whois.hichina.com
> Name Server: DNS21.HICHINA.COM
> Name Server: DNS22.HICHINA.COM
> Status: ok
> Updated Date: 26-feb-2008
> Creation Date: 26-feb-2008
> Expiration Date: 26-feb-2009
>
>
> http://www.websense.com/securitylabs/alerts/alert.php?AlertID=848
>
> -Chris
> google-sec-guy
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
More information about the nsp-security
mailing list