[nsp-sec] ACK AS217 Re: 37K+ Host Grum Botnet
Brian Eckman
eckman at umn.edu
Wed Sep 30 12:29:31 EDT 2009
Stephen Gill wrote:
> ----------- nsp-security Confidential --------
>
> Hi Team,
>
> Please visit the following URL for infected Ips in your network seen
> chatting up with this Grum spam botnet head end: 209.160.73.60:80
<snip>
Sorry for the late ACK - I was out of town. Thankfully we had discovered
this one independently, disabled the user's network connection, and
notified the user of their infection about 90 minutes after the given
timestamp.
Thanks,
Brian
--
Brian Eckman, Security Analyst
University of Minnesota
Office of Information Technology
Security & Assurance
More information about the nsp-security
mailing list