[nsp-sec] Botnet info? (Attn: AS30506)
Florian Weimer
fweimer at bfk.de
Wed Oct 22 08:42:38 EDT 2008
* Daniel Adinolfi:
> We're seeing some bad IRC traffic heading toward 66.249.128.230.
>
> 230.128.249.66.in-addr.arpa domain name pointer 66-249-128-230-
> btl.blacksun.net.
Here's what we've got in terms of DNS records for this IP address:
2008-07-11 02:47:49 2008-10-09 10:00:05 pro.ms6ol.net A 66.249.128.230
2008-07-13 15:35:28 2008-09-12 17:43:16 wwff.ms6ol.net A 66.249.128.230
2008-07-31 19:47:44 2008-10-22 12:40:37 1337.reipmav.net A 66.249.128.230
2008-10-19 15:05:59 2008-10-22 12:40:54 msws.ms6ol.net A 66.249.128.230
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list