[nsp-sec] ACK - Hlux/Kelihos p2p botnet sinkhole ... some results - partone
Rodolfo Baader
rbaader at arcert.gov.ar
Tue Oct 4 11:39:48 EDT 2011
Hi Wim,
proxy ACK for AR ASNs:
7303, 10318, 10481, 10697, 11008, 11315, 11664, 11815, 13585, 16814, 17069,
17401, 19037, 20207, 22080, 22501, 22927, 27747, 27813, 27833, 27927, 27960,
27964, 27976, 27987, 27997, 28048, 28075, 28080, 28111, 52273
Notifications were sent to the abuse/noc departments.
Regards,
R.
El 03/10/11 17:25, Wim Biemolt escribió:
> Dear all,
>
> Attached part one (asn <= 12334) of the hosts that showed up on the
> Hlux/Kelihos p2p botnet sinkhole. The machines are all infected with
> the Hlux bot and should be cleaned. The timestamps are in GMT, with
> nanosecond resolution.
>
More information about the nsp-security
mailing list