I harvested > 1700 sql injection attempts by danmec related infectors. targets included >200 exposed honeypots (er, oops , I mean "client maintained servers") dispersed across widely varied address ranges. In every case this URL was the download point: http://www0.douhunqn.cn/csrss/w.js
brack
_______________________________________________ botnets@, the public's dumping ground for maliciousness All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets