[nsp-sec] DDoS: Compromised web servers -- Round 3
Leif Nixon
nixon at nsc.liu.se
Mon Oct 1 08:13:46 EDT 2012
Nick Ianelli <ni at allyourinfoarebelongto.us> writes:
> I was able to identify 304 new hosts that they might be utilizing for
> their DDoS attacks. This is the first time I've seen these hosts, so I
> haven't notified anyone.
>
> The below request still exists, logs and files would be awesome, best
> effort though.
I have some data from
12552 | 213.132.113.47 | SE | http://www.tenhult.pingst.se/administrator/templates/bluestork/indx.php | IPO-EU IP-Only Telecommunication Networks AB
if you are still interested.
--
Leif Nixon - Security officer
National Supercomputer Centre - Swedish National Infrastructure for Computing
Nordic Data Grid Facility - European Grid Infrastructure
More information about the nsp-security
mailing list