[nsp-sec] Activity to or from 202.1.166.220 and 64.124.219.46
Smith, Donald
Donald.Smith at qwest.com
Tue May 12 12:29:56 EDT 2009
They can't be very busy as I saw NOTHING in netflow to or from either of them.
(coffee != sleep) & (!coffee == sleep)
Donald.Smith at qwest.com gcia
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net
> [mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Rob Thomas
> Sent: Tuesday, May 12, 2009 9:28 AM
> To: Matthew McGlashan
> Cc: nsp-security at puck.nether.net
> Subject: Re: [nsp-sec] Activity to or from 202.1.166.220 and
> 64.124.219.46
>
> ----------- nsp-security Confidential --------
>
> Hi one last time, Matthew. :)
>
> > Anyone got any recent info on 202.1.166.220 and
> 64.124.219.46 being the
> > source (or even target) of any form of activity?
>
> 202.1.166.220 appears to be a Windows XP box with SP1, at least as of
> 2009-04-29 21:37:59 UTC.
>
> Hmm, 202.1.166.220 might also be a proxy on TCP 3128.
>
> 64.124.219.46 is probably a Windows XP box.
>
> Sadly, that's all we have. :(
>
> Thanks,
> Rob.
> --
> Rob Thomas
> Team Cymru
> http://www.team-cymru.org/
> cmn_err(CEO_PANIC, "Out of coffee!");
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the
> nsp-security
> community. Confidentiality is essential for effective
> Internet security counter-measures.
> _______________________________________________
>
>
More information about the nsp-security
mailing list