[nsp-sec] Hlux/Kelihos p2p botnet sinkhole ... more results - 2011-10-04
Serge Droz
serge.droz at switch.ch
Thu Oct 6 04:17:02 EDT 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Proxy-Ack for
ASNs: 8404, 6772, 6730, 34781, 12620, 1257, 12350
Cheers
Serge
On 10/5/11 10:47 AM, Wim Biemolt wrote:
> Dear all,
>
> Attached is a list of the hosts that showed up on October 4th in
> our Hlux/Kelihos p2p botnet sinkhole. The machines are all infected
> with the Hlux bot and should be cleaned. This (verbose) list shows
> only a count of the number of connections. Separately I will post a
> link to the complete logs showing all connections:
- --
SWITCH
- -----------------------
Serge Droz, SWITCH-CERT
Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland
phone +41 44 268 15 63, fax +41 44 268 15 78
serge.droz at switch.ch, http://www.switch.ch
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk6NY/4ACgkQBvXr67kr0SdSsQCgroY4c9+DndqmxvUcw/v54IJR
ABEAn1S++92QegYQCtU00KSWoF3rS9Z2
=iMzY
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list