[nsp-sec] Multiple DDoS attacks (More outbound bot IP calls)
Smith, Donald
Donald.Smith at qwest.com
Thu Jul 9 15:32:30 EDT 2009
Symantec's link.
http://www.symantec.com/security_response/writeup.jsp?docid=2009-070814-5311-99&tabid=2
(coffee != sleep) & (!coffee == sleep)
Donald.Smith at qwest.com gcia
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of
> Chris Calvert
> Sent: Thursday, July 09, 2009 1:19 PM
> To: 'nsp-security at puck.nether.net'
> Subject: Re: [nsp-sec] Multiple DDoS attacks (More outbound
> bot IP calls)
>
> ----------- nsp-security Confidential --------
>
> An interesting claim from an unusual source:
> http://www.cdrinfo.com/Sections/News/Details.aspx?NewsId=25651
>
> "There is currently a DDoS attack against a number of
> websites, most of them belong to US and South Korea goverment
> sites. The malware involved in the attack has been detected
> as W32/Mydoom.HN."
>
> and
>
> "The worm drops Trojan.Dozer, a distributed denial of service
> (DDoS) Trojan, and W32.Mydoom.A at mm, the component that sends
> out the emails with W32.Dozer attached. All of these
> components work together to perform the DDoS attacks and
> spread through email."
>
> First time I've seen specific malware pointed at. Anyone
> have information on what Dozer-related flows would look like?
>
> Chris
>
> > -----Original Message-----
> > From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
> > bounces at puck.nether.net] On Behalf Of Dave Mitchell
> > Sent: Wednesday, July 08, 2009 10:57 PM
> > To: Dave Mitchell
> > Cc: nsp-security at puck.nether.net
> > Subject: Re: [nsp-sec] Multiple DDoS attacks (More outbound
> bot IP calls)
> >
> > ----------- nsp-security Confidential --------
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
>
More information about the nsp-security
mailing list