[nsp-sec] Multi ACK - 37K+ Host Grum Botnet
Zane Jarvis
zane at auscert.org.au
Thu Sep 24 21:35:39 EDT 2009
Hi Stephen,
ACKing for the following AU ASNs.. Sanitised and forwarded.
10143
10223
17486
17808
18104
18221
18359
24105
38285
45510
4739
4802
4804
4854
703
7543
7545
9300
9443
9543
9556
9822
Thanks,
Zane.
> -----Original Message-----
> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
> bounces at puck.nether.net] On Behalf Of Stephen Gill
> Sent: Friday, 25 September 2009 6:36 AM
> To: NSP-SEC List
> Subject: [nsp-sec] 37K+ Host Grum Botnet
>
> ----------- nsp-security Confidential --------
>
> Hi Team,
>
> Please visit the following URL for infected Ips in your network seen
> chatting up with this Grum spam botnet head end: 209.160.73.60:80
>
> <https://www.cymru.com/nsp-sec/Owned/grum/grum.txt>
> (*) Your regular nsp-sec u/p apply.
>
> Timestamps in GMT, last seen times only, though there were several hits
> per
> IP in the short time we received the data for.
>
> -- steve
>
> --
> Stephen Gill, Chief Scientist, Team Cymru
> http://www.cymru.com | +1 630 230 5423 | gillsr at cymru.com
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-
> security
> community. Confidentiality is essential for effective Internet security
> counter-measures.
> _______________________________________________
More information about the nsp-security
mailing list