[nsp-sec] CN-Cert to help out msnbc? :)
Gong, Yiming
yiming.gong at xo.com
Thu Mar 20 15:53:48 EDT 2008
I sent an email into nsp-sec-china on Mar 17 about this, and just now I
pinged a friend at CT-US, he already blackholed this host on all peering
routers in US.
Also a request was sent to CT beijing NOC, but not sure if guys over
there will take any further action.
If CN-CERT can help taking down this host and setting up some sort of
channel between China and oversea ISPs it will be great!
Regards,
Yiming
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Chris Morrow
> Sent: Thursday, March 20, 2008 1:40 PM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] CN-Cert to help out msnbc? :)
>
> ----------- nsp-security Confidential --------
>
>
> Could the CN-Cert folks squish a domain name used for some
> web-based-malware? (the msnbc.com .js inject websense posted about
> yesterday)
>
> Domain Name: 2117966.NET
> Registrar: HICHINA WEB SOLUTIONS (HONG KONG) LIMITED
> Whois Server: grs.hichina.com
> Referral URL: http://whois.hichina.com
> Name Server: DNS21.HICHINA.COM
> Name Server: DNS22.HICHINA.COM
> Status: ok
> Updated Date: 26-feb-2008
> Creation Date: 26-feb-2008
> Expiration Date: 26-feb-2009
>
>
> http://www.websense.com/securitylabs/alerts/alert.php?AlertID=848
>
> -Chris
> google-sec-guy
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security community. Confidentiality is essential for
> effective Internet security counter-measures.
> _______________________________________________
>
More information about the nsp-security
mailing list