[nsp-sec] CN-Cert to help out msnbc? :)
Yonglin ZHOU
yonglin.zhou at gmail.com
Sun Mar 23 03:22:58 EDT 2008
Hi folks,
I'm out of Beijing for a meeting. Sorry for reply late.
I will ask my colleague to check the domain of its malicious code and try
to handle it.
Regards,
Yonglin.
CNCERT/CC
On Fri, Mar 21, 2008 at 3:53 AM, Gong, Yiming <yiming.gong at xo.com> wrote:
> ----------- nsp-security Confidential --------
>
> I sent an email into nsp-sec-china on Mar 17 about this, and just now I
> pinged a friend at CT-US, he already blackholed this host on all peering
> routers in US.
>
> Also a request was sent to CT beijing NOC, but not sure if guys over
> there will take any further action.
>
> If CN-CERT can help taking down this host and setting up some sort of
> channel between China and oversea ISPs it will be great!
>
> Regards,
>
> Yiming
>
>
> > -----Original Message-----
> > From: nsp-security-bounces at puck.nether.net
> > [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> > Chris Morrow
> > Sent: Thursday, March 20, 2008 1:40 PM
> > To: nsp-security at puck.nether.net
> > Subject: [nsp-sec] CN-Cert to help out msnbc? :)
> >
> > ----------- nsp-security Confidential --------
> >
> >
> > Could the CN-Cert folks squish a domain name used for some
> > web-based-malware? (the msnbc.com .js inject websense posted about
> > yesterday)
> >
> > Domain Name: 2117966.NET
> > Registrar: HICHINA WEB SOLUTIONS (HONG KONG) LIMITED
> > Whois Server: grs.hichina.com
> > Referral URL: http://whois.hichina.com
> > Name Server: DNS21.HICHINA.COM
> > Name Server: DNS22.HICHINA.COM
> > Status: ok
> > Updated Date: 26-feb-2008
> > Creation Date: 26-feb-2008
> > Expiration Date: 26-feb-2009
> >
> >
> > http://www.websense.com/securitylabs/alerts/alert.php?AlertID=848
> >
> > -Chris
> > google-sec-guy
> >
> >
> > _______________________________________________
> > nsp-security mailing list
> > nsp-security at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/nsp-security
> >
> > Please do not Forward, CC, or BCC this E-mail outside of the
> > nsp-security community. Confidentiality is essential for
> > effective Internet security counter-measures.
> > _______________________________________________
> >
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>
--
--------------------------------------------------------------------------
欢迎参加2008中国计算机网络安全应急年会
Welcome to attend CNCERT08 Conference
http://2008.cert.org.cn
-------[CNCERT/CC]-----------------------------------------------
Zhou, Yonglin 【周勇林】
CNCERT/CC, P.R.China 【国家计算机网络应急技术处理协调中心】
Tel: +86 10 82990355 Fax: +86 10 82990399 Web: www.cert.org.cn
Finger Print: 9AF3 E830 A350 218D BD2C 2B65 6F60 BEFB 3962 1C64
-----------------------------------------------[CNCERT/CC]-------
More information about the nsp-security
mailing list