[nsp-sec] ACK: conficker list
Andreas Lorentzen
anl at nextgentel.com
Thu Jan 15 01:57:39 EST 2009
ACK for 15659
Andreas Lorentzen
NextGenTel
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Smith, Donald
Sent: Wednesday, January 14, 2009 7:53 PM
To: 'nsp-security at puck.nether.net'
Subject: [nsp-sec] conficker list
----------- nsp-security Confidential --------
A source that wishes to remain anonymous provided me apache logs for one
of the systems conficker checks in with or downloads from. Beth Young at
more.net also has a list and has offered to cross check these against
her known infected systems.
Here are two links to the list it contains over 700K uniq ips so it was
TOO large to upload via the cymru web gui in a single file I had to
split it.
I only included the first time an IP checked in.
Timezone is GMT -8:00
link 1
https://asn.cymru.com/nsp-sec/upload/1231957075.whois.txt
link 2
https://asn.cymru.com/nsp-sec/upload/1231958296.whois.txt
Given the way I broke the list in half there is a very good chance your
ASN will appear on both lists.
H8Hz
Donald.Smith at qwest.com gcia
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list