[nsp-sec] Multiple DDoS attacks
Dave Mitchell
davem at yahoo-inc.com
Wed Jul 8 16:10:56 EDT 2009
Just got some new info from Alex @ fireeye from his sandbox. Here are
some updated user-agents.
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB6; .NET CLR
2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; GTB6;
.NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20)
Gecko/20081217 Firefox/2.0.0.20 (.NET CLR 3.5.30729)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; MAXTHON
2.0)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB6;
.NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
-dave
On Wed, Jul 08, 2009 at 11:14:09AM -0500, Rob Thomas wrote:
> Hi, team.
>
> Apologies for duplication.
>
> > 213.33.116.41 53
>
> Bupkes on this one.
>
> > 216.199.83.203 80
>
> This appears to be a Windows XP box.
>
> > 213.23.243.210 443
>
> Bupkes on this one.
>
> Thanks,
> Rob.
> --
> Rob Thomas
> Team Cymru Research NFP
> https://www.team-cymru.org/
> cmn_err(CEO_PANIC, "Out of coffee!");
More information about the nsp-security
mailing list