RE: [Full-disclosure] Worm?

2006-01-15 Thread SNOsoft
From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of TheGesus > Sent: Sunday, January 15, 2006 10:38 PM > To: Byrne, David > Cc: full-disclosure@lists.grok.org.uk > Subject: Re: [Full-disclosure] Worm? > > > Our IPS vendor is reporting a number of cust

Re: [Full-disclosure] Worm?

2006-01-15 Thread TheGesus
> Our IPS vendor is reporting a number of customers affected by large volumes > of traffic generated by a worm. Anyone have details? > > > Thanks, > > David Byrne > Same as it ever was... same as it ever was... ___ Full-Disclosure - We believe in it. Cha

RE: [Full-disclosure] Worm?

2006-01-14 Thread Jarmon, Don R
http://actnet.forescout.com/Sc/services From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Byrne, David Sent: Friday, January 13, 2006 4:05 PM To: full-disclosure@lists.grok.org.uk Subject: [Full-disclosure] Worm? Our IPS vendor is reporting a

Re: [Full-disclosure] Worm?

2006-01-13 Thread Stan Bubrouski
From your extremely detailed query I'd have to say the NSA. That of course is based on nothing. -sb On 1/13/06, Byrne, David <[EMAIL PROTECTED]> wrote: > > > Our IPS vendor is reporting a number of customers affected by large volumes > of traffic generated by a worm. Anyone have details? > > >

Re: [Full-disclosure] Worm?

2006-01-13 Thread Knud Erik Højgaard
On 1/13/06, Byrne, David <[EMAIL PROTECTED]> wrote: > > > Our IPS vendor is reporting a number of customers affected by large volumes > of traffic generated by a worm. Anyone have details? how about asking your IPS or providing details? perhaps someone else should have your job. __

[Full-disclosure] Worm?

2006-01-13 Thread Byrne, David
Our IPS vendor is reporting a number of customers affected by large volumes of traffic generated by a worm. Anyone have details? Thanks, David Byrne Corporate IT Security EchoStar Satellite L.L.C. 720-514-5675 [EMAIL PROTECTED] _

Re[2]: [Full-disclosure] Worm phone home site question

2005-09-27 Thread phased
: Andrew A <[EMAIL PROTECTED]> To: full-disclosure@lists.grok.org.uk Date: Tue, 27 Sep 2005 09:14:50 -0400 Subject: Re: [Full-disclosure] Worm phone home site question > This is precisely the sort of thing you should be using Tor for. Thanks, EFF. > > On 9/27/05, Michael Holstein &l

Re: [Full-disclosure] Worm phone home site question

2005-09-27 Thread Andrew A
This is precisely the sort of thing you should be using Tor for. Thanks, EFF. On 9/27/05, Michael Holstein <[EMAIL PROTECTED]> wrote: > (poses the typical ethical dilemma .. can you hack into a botnet to shut > it down? .. probably not --legally anyway-- ..

Re: [Full-disclosure] Worm phone home site question

2005-09-27 Thread Michael Holstein
This is the phone home site for a worm found on the network. Any idea what service they are running on these ports or how to log in or register? Standard [AGO|SD|RX] bot stuff .. it's just an IRCd .. use mIRC, xCHAT, whatever ... The channels are always invisible and password protected. Boot

Re: [Full-disclosure] Worm phone home site question

2005-09-27 Thread ggfirst
On 9/27/05, odinanne <[EMAIL PROTECTED]> wrote: > 210.240.39.40 tcp 2255, 5522, 9009 > > This is the phone home site for a worm found on the network. Any idea > what service they are running on these ports or how to log in or register? > > This is the worm. > http://www.trendmicro.com/vinfo/virus

[Full-disclosure] Worm phone home site question

2005-09-27 Thread odinanne
210.240.39.40 tcp 2255, 5522, 9009 This is the phone home site for a worm found on the network. Any idea what service they are running on these ports or how to log in or register? This is the worm. http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM%5FSDBOT%2ECGY&VSect=P