To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
On 14/12/2007, RVaughn <[EMAIL PROTECTED]> wrote:
> To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
> ----------
> Could this possibly be a switch problem?
I'd be inclined to look for configuration errors as well - I haven't
seen any bots that get involved with DHCP. Do the MAC addresses make
sense for your network if you look up the OUI? Have you tried sniffing
subsequent traffic from these machines?
e.g.
00-13-D4 (hex) ASUSTek COMPUTER INC.
0013D4 (base 16) ASUSTek COMPUTER INC.
No.5 Shing Yeh Street
Kwei Shan Hsiang
Tao Yuan Hsien 333
TAIWAN, REPUBLIC OF CHINA
Lookup courtesy of http://standards.ieee.org/regauth/oui/index.shtml
cheers,
Jamie
--
Jamie Riden / [EMAIL PROTECTED] / [EMAIL PROTECTED]
UK Honeynet Project: http://www.ukhoneynet.org/
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
