To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- If you machines go through a http proxy, you can check the proxy logs for crud.
Ashish -----Original Message----- From: Sean Zadig [mailto:[EMAIL PROTECTED] Sent: Monday, January 08, 2007 8:36 AM To: [email protected]; [EMAIL PROTECTED] Subject: [botnets] Finding zombies? To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Greetings all, I'm looking for suggestions on innovative ways to find zombie machines on my networks. Right now, we're looking for IRC traffic and doing some checking for connections to C&C machines (using Shadowserver and various other C&C lists). Do any of you have any recommendations for other methods? So far, I haven't been able to find too much zombie activity, but I have a feeling it's there. We simply have too many machines for there not to be some activity. Thanks, Sean Zadig Sean Zadig Special Agent NASA OIG Computer Crimes Division Goddard Space Flight Center 301.286.8232 PGP Key: 0xE9659D75 ! WARNING ! This email including any attachments is intended only for authorized recipients. Recipients may only forward this information as authorized. This email may contain non-public information that is "Law Enforcement Sensitive," "Sensitive but Unclassified," or otherwise subject to the Privacy Act and/or legal and other applicable privileges that restrict release without appropriate legal authority and clearance. Accordingly, the use, dissemination, distribution or reproduction of this information to or by unauthorized or unintended recipients, including but not limited to non-NASA recipients, may be unlawful. _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
