[nsp-sec] conficker list
claude.labbe at bell.ca
claude.labbe at bell.ca
Wed Jan 14 14:58:56 EST 2009
Hi,
ACK 577, sanitized note sent to our abuse desks
Regards
-----Original Message-----
From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Smith, Donald
Sent: January 14, 2009 1:53 PM
To: 'nsp-security at puck.nether.net'
Subject: [nsp-sec] conficker list
----------- nsp-security Confidential --------
A source that wishes to remain anonymous provided me apache logs for one of the systems conficker checks in with or downloads from. Beth Young at more.net also has a list and has offered to cross check these against her known infected systems.
Here are two links to the list it contains over 700K uniq ips so it was TOO large to upload via the cymru web gui in a single file I had to split it.
I only included the first time an IP checked in.
Timezone is GMT -8:00
link 1
https://asn.cymru.com/nsp-sec/upload/1231957075.whois.txt
link 2
https://asn.cymru.com/nsp-sec/upload/1231958296.whois.txt
Given the way I broke the list in half there is a very good chance your ASN will appear on both lists.
H8Hz
Donald.Smith at qwest.com gcia
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list