[nsp-sec] Multiple DDoS attacks
John Fraizer
john at op-sec.us
Wed Jul 8 17:23:11 EDT 2009
I'm capturing flows on 216.199.83.203.
On Wed, Jul 8, 2009 at 4:03 AM, Dave Mitchell <davem at yahoo-inc.com> wrote:
> ----------- nsp-security Confidential --------
>
>
> Anyone gathering intel on?
>
> Remote Host Port Number
> 213.33.116.41 53
> 216.199.83.203 80
> 213.23.243.210 443
>
>
> http://www.threatexpert.com/report.aspx?md5=0f394734c65d44915060b36a0b1a972d
>
> The malware in those droppers seems to speak to it and I verified in a
> sandbox.
>
> -dave
>
>
More information about the nsp-security
mailing list