[nsp-sec] black_energy ddos drones

Dirk Stander dst+nsp-sec at glaskugel.org
Wed Oct 28 13:38:14 EDT 2009

Previous message: [nsp-sec] black_energy ddos drones
Next message: [nsp-sec] black_energy ddos drones
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Chris,

> Timestamps in GMT?

yes, the timestamps are GMT

> How false positive prone is this data, in your opinion?

i've been very carefully with filtering the logs -- i've used only
IPs, who did more than 100 connects/day and who did not show any
other signs of a ``real'' browser (like requesting favicon.ico'' et al)

    thanks and kind regards, Dirk :.

Previous message: [nsp-sec] black_energy ddos drones
Next message: [nsp-sec] black_energy ddos drones
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nsp-security mailing list