Thanks, Andrew. I was out and about, and couldn't remember the prefixes off-hand. They should have been in that PDF, iirc On Apr 26, 2012 6:01 PM, "Andrew Latham" <lath...@gmail.com> wrote:
> On Thu, Apr 26, 2012 at 5:57 PM, Kyle Creyts <kyle.cre...@gmail.com> > wrote: > > > http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf > > > > On Apr 26, 2012 5:48 PM, "Leigh Porter" <leigh.por...@ukbroadband.com> > > wrote: > >> > >> > >> On 26 Apr 2012, at 22:47, "Andrew Latham" > >> <lath...@gmail.com<mailto:lath...@gmail.com>> wrote: > >> > >> > >> On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart > >> <jer...@mompl.net<mailto:jer...@mompl.net>> wrote: > >> > >> Yes its a major problem for the users unknowingly infected. To them > >> it will look like their Internet connection is down. Expect ISPs to > >> field lots of support s > >> > >> Is there a list of these temporary servers so I can see what customers > are > >> using them (indicating infection) and head off a support call with some > >> contact? > >> > >> -- > >> Leigh > > 85.255.112.0 through 85.255.127.255 > 67.210.0.0 through 67.210.15.255 > 93.188.160.0 through 93.188.167.255 > 77.67.83.0 through 77.67.83.255 > 213.109.64.0 through 213.109.79.255 > 64.28.176.0 through 64.28.191.255 > > -- > ~ Andrew "lathama" Latham lath...@gmail.com http://lathama.net ~ > >