[nsp-sec] ACK 174 RE: conficker list
Shelton, Steve
sshelton at Cogentco.com
Wed Jan 14 15:15:53 EST 2009
Thanks and ACK for 174! I'm looking at them now.
Steve Shelton
Network Security Engineer
Cogent Communications
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Smith, Donald
Sent: Wednesday, January 14, 2009 11:53 AM
To: 'nsp-security at puck.nether.net'
Subject: [nsp-sec] conficker list
----------- nsp-security Confidential --------
A source that wishes to remain anonymous provided me apache logs for one
of the systems conficker checks in with or downloads from. Beth Young at
more.net also has a list and has offered to cross check these against
her known infected systems.
Here are two links to the list it contains over 700K uniq ips so it was
TOO large to upload via the cymru web gui in a single file I had to
split it.
I only included the first time an IP checked in.
Timezone is GMT -8:00
link 1
https://asn.cymru.com/nsp-sec/upload/1231957075.whois.txt
link 2
https://asn.cymru.com/nsp-sec/upload/1231958296.whois.txt
Given the way I broke the list in half there is a very good chance your
ASN will appear on both lists.
H8Hz
Donald.Smith at qwest.com gcia
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list