[nsp-sec] Assistance in tracking a Command and Control (C2) server - obtaining a copy of the malware
Gabriel Iovino
giovino at ren-isac.net
Sat Apr 4 18:41:32 EDT 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nicholas Ianelli wrote:
> ----------- nsp-security Confidential --------
>
> Thanks Steve!
>
> Are there any providers in the list below that can assist in locating
> compromised customers and getting in touch with them to determine if we
> can extract malware from their compromised machine? Cox, Road Runner,
> Verizon, Comcast...?
I sent an email ONENET to see if there is any chance to obtain malware
from that machine.
5078 | 156.110.78.2 | ONENET-AS-1 - Oklahoma Network for Education
Please let me know if you obtain a malware sample in the meantime as it
is usually difficult for a .edu to get a hold of a student machine in a
timely fashion.
Gabe
- --
Gabriel Iovino
Principal Security Engineer, REN-ISAC
http://www.ren-isac.net
24x7 Watch Desk +1(317)278-6630
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAknX4hwACgkQwqygxIz+pTsBzACfWFGDLjj1ddAqZJdrg9iwbYHC
RA0AoJo4pDUEIYeOFivteQPhn6Ge9tpl
=mNfr
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list