[nsp-sec] The ugly on AS39823 | 92.62.96.0/20
Shelton, Steve
sshelton at Cogentco.com
Mon May 4 08:18:33 EDT 2009
Hiller,
Thanks for the heads up, will take a look in a few. I'm hoping that the
rustock C&C does not come back up.
Steve Shelton
Network Security Engineer
Cogent Communications
-----Original Message-----
From: Hillar Aarelaid [mailto:hillar.aarelaid at cert.ee]
Sent: Monday, May 04, 2009 6:03 AM
To: Shelton, Steve
Cc: nsp-security at puck.nether.net
Subject: Re: [nsp-sec] The ugly on AS39823 | 92.62.96.0/20
On Apr 9, 2009, at 4:42 PM, Shelton, Steve wrote:
> I've spent the better part a week investigating and negating some
> awful
> - nefarious sources translating to AS39823 within 92.62.96.0/20, most
> but not all of the ugly was on 92.62.101.0/24. You'll find a ton of
> Malware, C&C's and rouge security applications within the 101.0/24.
>
> inetnum: 92.62.101.0 - 92.62.101.255
> netname: STARLINE_EE
> descr: Starline Web Service
i have a feeling, that starline found new home at 95.129.144.0/23
AS48856
will look into after return from Lyon
Hillar
More information about the nsp-security
mailing list