To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Hi!
This weekend I've been monitoring some IRC server with a lot of bots. Here is a list of compromised hosts. All have PHP-inclusion related holes :( 210.59.120.219 haco3.kr isobook.com kavalan.com laoportunidadweb.com.ar mail.kevin.seek-fun.com.tw missa.or.kr uprightmedia.co.th www.acs.sk www.burnsidegenealogy.com www.clan-oceans-eleven.de www.cyberzane.net www.dutyofcare.org.au www.fu-yuen.com.cn www.gspijkerman.nl www.jindotour.com www.meisterpokale24.de www.panteon.com.ua www.santanascoffee.com.mx www.stricklyjamin.com www.taxandria.nl www.tour.jindo.kr zsk-gazprom.ru PS: Full entry's available too, but not going to be published. PPS: To these hosts admins - please check "/dev/shm/.kde", you have nice mech-bot there ;))) Best Regards, Dan _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets