[nsp-sec] Hitpop Chinese DDoS Bot Analysis [PDF]
Yonglin ZHOU
yonglin.zhou at gmail.com
Thu May 15 22:29:16 EDT 2008
Hi Jose,
Thank you for sharing the reports to us.
I just quickly went through it and think it is a very good reference to us.
I found the CC servers are still alive. I just want to let you know that we
are going to take some action against it soon.
Thanks.
Yonglin.
On 5/16/08, Jose Nazario <jose at arbor.net> wrote:
>
> ----------- nsp-security Confidential --------
>
>
> On Thu, 15 May 2008, Smith, Donald wrote:
>
> > There is a pretty small limit on enclosures on this mailing list. Jose
> > sent it to another list without that limitation and it arrived. I
> > suspect Jose will just have to "host" it somewhere.
>
>
> hurr ... send out the report and head for the door .. not so bright!
>
> i am now hosting it on my personal website:
>
>
> http://monkey.org/~jose/private/nsp/Hitpop%20DDoS%20Malware%20Analysis%20PRIVATE.pdf
>
> this is password protected:
>
> u: nsp-sec
> p: netfl0w
>
> please respect the terms of the document's distribution request.
>
> i'm also anxious to get answers posed at the end of the doc.
>
> a public, shorter version is linked here:
>
> http://asert.arbornetworks.com/2008/05/hitpop-ddos-bot-analysis-available/
>
> -------------------------------------------------------------
>
> jose nazario, ph.d. <jose at arbor.net>
> security researcher, office of the CTO, arbor networks
> v: (734) 821 1427 http://asert.arbornetworks.com/
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
>
--
-------[CNCERT/CC]-----------------------------------------------
Zhou, Yonglin 【周勇林】
CNCERT/CC, P.R.China 【国家计算机网络应急技术处理协调中心】
Tel: +86 10 82990355 Fax: +86 10 82990399 Web: www.cert.org.cn
Finger Print: 9AF3 E830 A350 218D BD2C 2B65 6F60 BEFB 3962 1C64
-----------------------------------------------[CNCERT/CC]-------
More information about the nsp-security
mailing list