[nsp-sec] More password stealers and drops - AS13301, AS24940, AS7738,
Jose Nazario
jose at arbor.net
Wed Mar 26 13:06:12 EDT 2008
On Wed, 26 Mar 2008, Rob Thomas wrote:
> Is the access all through FTP? I'm trying to assemble a list of
> probable compromised hosts.
yep, all TCP port 21 FTP
-------------------------------------------------------------
jose nazario, ph.d. <jose at arbor.net>
security researcher, office of the CTO, arbor networks
v: (734) 821 1427 http://asert.arbornetworks.com/
More information about the nsp-security
mailing list