[nsp-sec] Bracing For Impact... MS08-067
Chris Morrow
morrowc at ops-netman.net
Fri Oct 24 16:52:20 EDT 2008
On Fri, 24 Oct 2008, John Fraizer wrote:
> ----------- nsp-security Confidential --------
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Watching flows, I've got some TCP/443, TCP/80 traffic on our net to
> 64.233.189.147. I don't know that I've got any infected constituents at
this looks like a standard frontend ip for google, with lots of normal
googley things behind it (google.com, igoogle, ad-stuff, whatnot) though
it's in aspac based on a traceroute.
> this time but, I was wondering if any other folks are seeing TCP/443
> and/or TCP/80 traffic in addition to your ICMP? I have no detected ICMP
> thus far but that could be sample related.
More information about the nsp-security
mailing list