[nsp-sec] A bit interested in a specific IP address
Smith, Donald
Donald.Smith at qwest.com
Thu May 8 15:56:34 EDT 2008
I see it talking to a lot of different dns servers on udp 53.
Nothing else seen here.
RM=for(1)
{manage_risk(identify_risk(product[i++]) &&
(identify_threat[product[i++]))}
Donald.Smith at qwest.com giac
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Dario Ciccarone (dciccaro)
> Sent: Thursday, May 08, 2008 1:12 PM
> To: nsp-security at puck.nether.net
> Subject: [nsp-sec] A bit interested in a specific IP address
>
> ----------- nsp-security Confidential --------
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Folks:
>
> Hi there. We here at PSIRT are a bit interested in some traffic
> we've seen coming out from 61.135.164.84 - we've done our
> homework indeed, but would like to check with the NSP-SEC
> community if anyone has seen anything specially interesting from
> said IP address in, say, the last week.
>
> Also if anyone happens to see anything interesting (in any
> sense, in the BROAD sense) coming out of it, we would very much
> appreciate to hear from it :)
>
> Thanks,
> Dario
>
> Dario Ciccarone <dciccaro at cisco.com>
> Incident Manager - CCIE #10395
> Product Security Incident Response Team (PSIRT)
> Cisco Systems, Inc.
> +1 212 714 4218
> PGP Key ID: 0xBA1AE0F0
> http://www.cisco.com/go/psirt
>
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 8.1
>
> iQA/AwUBSCNQcIyVGB+6GuDwEQKaWwCgmxHFdPfaw29CS0nJTTf0+RiCY3QAnjOn
> RXwemxX3BQKUMKT0WuHVpKL/
> =mMmx
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
>
This communication is the property of Qwest and may contain confidential or
privileged information. Unauthorized use of this communication is strictly
prohibited and may be unlawful. If you have received this communication
in error, please immediately notify the sender by reply e-mail and destroy
all copies of the communication and any attachments.
More information about the nsp-security
mailing list