[nsp-sec] (AS33626 - upstreams AS701, AS2914, AS3356, AS27524) ns1.dsredirection.com and ns2.dsredirection.com - Might be 0wned?!??!?
Dave Monnier
dmonnier at cymru.com
Thu May 8 18:30:59 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hey Brian, Team,
As some of you noted earlier in the ddosrs, we had at least one bot
sample pointed to a DNS RR that now points at this IP as well.
at.medbod.com
This was an IRC based bot that was trying to connected to TCP/80 at that RR.
We'll be sure to share any info we some across about it.
Cheers,
- -Dave
- --
Dave Monnier, Senior Systems Engineer , Team Cymru
http://www.cymru.com/ | +1 312 924 4042 | dmonnier at cymru.com
-----BEGIN PGP SIGNATURE-----
iD8DBQFII38j+29txnwarlURAsPRAJ9y709JuTMneCCMB3SOoA3q4I9XQgCfUqCq
TXap/RxYmAVOzN0NYoiWBrw=
=CR0a
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list