[nsp-sec] ACK 174 RE: RFI attack URLs
Shelton, Steve
sshelton at Cogentco.com
Tue Jul 28 10:51:36 EDT 2009
ACK for 174, sites will be dead soon!
Steve Shelton
Security Engineer
Cogent Communications
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Thomas
Hungenberg
Sent: Tuesday, July 28, 2009 8:06 AM
To: nsp-sec
Subject: [nsp-sec] RFI attack URLs
----------- nsp-security Confidential --------
Hi,
please find below a list of URLs used in RFI attacks (C99/r57 shells,
etc.)
- Thomas
CERT-Bund Incident Response & Anti-Malware Team
174 | 38.100.19.105 | US | iyuddd.webng.com/vicky.txt | COGENT
Cogent/PSI
174 | 38.100.19.122 | US | iyuddd.webng.com/scanz.txt | COGENT
Cogent/PSI
174 | 38.100.19.122 | US | iyuddd.webng.com/vicky.txt | COGENT
Cogent/PSI
174 | 38.100.19.122 | US | kenguanteng.webng.com/bot_php.txt |
COGENT Cogent/PSI
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list