[nsp-sec] conficker list
Wes Young
wcyoung at buffalo.edu
Wed Jan 14 14:23:43 EST 2009
ack for 3685. We had snagged one of them 5 days ago, not the other.
Thanks.
On Jan 14, 2009, at 1:52 PM, Smith, Donald wrote:
> ----------- nsp-security Confidential --------
>
> A source that wishes to remain anonymous provided me apache logs for
> one of the systems conficker checks in with or downloads from. Beth
> Young at more.net also has a list and has offered to cross check
> these against her known infected systems.
>
>
> Here are two links to the list it contains over 700K uniq ips so it
> was TOO large to upload via the cymru web gui in a single file I had
> to split it.
>
> I only included the first time an IP checked in.
> Timezone is GMT -8:00
> link 1
> https://asn.cymru.com/nsp-sec/upload/1231957075.whois.txt
>
> link 2
> https://asn.cymru.com/nsp-sec/upload/1231958296.whois.txt
>
> Given the way I broke the list in half there is a very good chance
> your ASN will appear on both lists.
>
> H8Hz
> Donald.Smith at qwest.com gcia
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-
> security
> community. Confidentiality is essential for effective Internet
> security counter-measures.
> _______________________________________________
--
Wes
http://claimid.com/wesyoung
More information about the nsp-security
mailing list