Re: [botnets] Washington Post: Atrivo/Intercage, why are we peering with the American RBN? (fwd)

Another nice nepenthes virtual machine is available here: http://ids.surfnet.nl/wiki/doku.php?id=global:downloadable_demo There are many more. I just wanted to post a couple easy options to get you up and running. -Jeremy ___ botnets@, the public's

Re: [botnets] reviving this list, allowing sharing

I propose that each and every one of us on this list configure our nepenthes boxes with the email address of this distribution list, so we can share information about new botnet clients in real time. Thoughts? -Jeremy On Wed, Aug 27, 2008 at 4:41 PM, Gadi Evron [EMAIL PROTECTED] wrote

Re: [botnets] mac trojan in-the-wild

should be switching to another OS, or seriously concerned by Mac vulnerabilities. And this has, so far, little to do with botnets... Unless this SE attack is installing a bot. Is it? What does the bot do? Is there a signature? That'd be interesting :) Cheers, JeremyC. -- Jeremy Chatfield

[botnets] Iroffer network

To report a botnet PRIVATELY please email: [EMAIL PROTECTED] --Server: irc.ninth-gate.org:6667, bounty.ninth-gate.org:7029 (servers linked together) Channel: #tdt-test XDCC iroffer bots on this network are compromised hosts, installed on a botnet. Jeremy Linden signature.asc

[botnets] IROffer Net

To report a botnet PRIVATELY please email: [EMAIL PROTECTED] --Server: irc.revolutionirc.net Channel: #pwnd IROffer network, hacked bots serving warez Jeremy Linden signature.asc Description: This is a digitally signed message part

[botnets] Botnets

, #timer Also, the IP addresses 83.98.133.125 and 83.98.133.126 both are running extremely active IRC servers on many different channels. These servers belong to the GurLteam and it would be great if someone could shut them down. Jeremy Linden signature.asc Description: This is a digitally signed

[botnets] Iroffer network

To report a botnet PRIVATELY please email: [EMAIL PROTECTED] --Host: irc.zuul-central.mooo.com:6667 Channel: #zuul-central-xdcc The [ZUUL]-XDCC-[XXX] bots serving warez on this network are infected hosts. They're being infected with IRoffer trojans on a botnet I'm monitoring. Jeremy

[botnets] Modified upx?

paper (75 pages or so)http://rozinov.sfs.poly.edu/papers/bagle_analysis_v.1.0.pdf Best of luck! Jeremy Gadi Evron wrote: M45T3R S4D0W8 wrote:snip There are various Utilitys for making it impossable to Unpack a UPXed EXE. Nothing is impossible. Not trying to be annoying.. just is. The mere fact

[botnets] Another Botnet

). Just to be warned... Jeremy Linden ___ botnets mailing list To report a botnet PRIVATELY please email: [EMAIL PROTECTED] http://www.whitestar.linuxbox.org/mailman/listinfo/botnets

Re: [botnets] botnet in japan...

going into the sketchy legal ground of essentially running remote code on someone else's computer, albeit for a benevolent purpose. Jeremy Linden ___ botnets mailing list To report a botnet PRIVATELY please email: [EMAIL PROTECTED] http