[nsp-sec] ACK AS14 -> Re: 37K+ Host Grum Botnet
Joel Rosenblatt
joel at columbia.edu
Fri Sep 25 12:09:57 EDT 2009
Thanks,
Joel
--On Thursday, September 24, 2009 1:36 PM -0700 Stephen Gill <gillsr at cymru.com> wrote:
> ----------- nsp-security Confidential --------
>
> Hi Team,
>
> Please visit the following URL for infected Ips in your network seen
> chatting up with this Grum spam botnet head end: 209.160.73.60:80
>
> <https://www.cymru.com/nsp-sec/Owned/grum/grum.txt>
> (*) Your regular nsp-sec u/p apply.
>
> Timestamps in GMT, last seen times only, though there were several hits per
> IP in the short time we received the data for.
>
> -- steve
>
> --
> Stephen Gill, Chief Scientist, Team Cymru
> http://www.cymru.com | +1 630 230 5423 | gillsr at cymru.com
>
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
More information about the nsp-security
mailing list