[nsp-sec] ACK RE: 37K+ Host Grum Botnet
Matthew.Swaar at us-cert.gov
Matthew.Swaar at us-cert.gov
Thu Sep 24 18:47:04 EDT 2009
Heyo, Steve!
ACK for 557,1226,2897,2939,3479,6325,6559,8103,19957,21852,22742, &
36081.
Thanks!
Very Respectfully,
US-CERT Ops Center
703-235-5111
POC: Matt Swaar - Analyst
-----Original Message-----
From: nsp-security-bounces at puck.nether.net
[mailto:nsp-security-bounces at puck.nether.net] On Behalf Of Stephen Gill
Sent: Thursday, September 24, 2009 4:36 PM
To: NSP-SEC List
Subject: [nsp-sec] 37K+ Host Grum Botnet
----------- nsp-security Confidential --------
Hi Team,
Please visit the following URL for infected Ips in your network seen
chatting up with this Grum spam botnet head end: 209.160.73.60:80
<https://www.cymru.com/nsp-sec/Owned/grum/grum.txt>
(*) Your regular nsp-sec u/p apply.
Timestamps in GMT, last seen times only, though there were several hits
per IP in the short time we received the data for.
-- steve
--
Stephen Gill, Chief Scientist, Team Cymru http://www.cymru.com | +1 630
230 5423 | gillsr at cymru.com
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the
nsp-security
community. Confidentiality is essential for effective Internet security
counter-measures.
_______________________________________________
More information about the nsp-security
mailing list