[nsp-sec] rustock C&C - ACK for AS3909 & AS209
Hicks, Howard
Howard.Hicks at qwest.com
Tue Feb 3 14:11:06 EST 2009
Howard E. Hicks
-----Original Message-----
From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Beasley, Jason
Sent: Tuesday, February 03, 2009 12:19 PM
To: nsp-security at puck.nether.net
Subject: [nsp-sec] rustock C&C
----------- nsp-security Confidential --------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Suresh over at Outblaze has identified what he believes to be an rustock C&C existing at 69.10.44.210. From what I can tell, it appears he is correct. I've compiled a listing of sources communicating to this server. Please check the following list for your ASN:
http://drakul.nsc.xo.net/asns.txt
And then the full listing here for the hosts:
https://asn.cymru.com/nsp-sec/upload/1233681381.whois.txt
Timestamps are included.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
iD8DBQFJiIqaTU5wjr6ASAURAltgAJ0Sd7CbIlK5I99x9Wym821XSEb42ACdHtbn
j+Wdn3H9zNfUpo/rXxV1VnU=
=RP8n
-----END PGP SIGNATURE-----
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list