Re: [botnets] 2150 connections

[Jim Becher]

To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------

Or an automated tool that can parse the IRC list and draft or send an e-mail to an abuse contact with a list of the machines from that domain or netblock that are victims?   If/when we detect a machine that is part of a botnet, we usually just report the IRC server performing the command and control (due to time constraints).  It would be beneficial to get work out to the abuse contacts for the domains of the machines in the IRC channel.  I can imagine a lot of the reports would fall on deaf ears… as I have had very little luck with malicious activity involving cable/DSL subscribers in the US.   If you just cut off the head… you still have a number of vulnerable machines out there.  Machines that will probably end up in another botnet…       -jim From: Michael Stanton [mailto:[EMAIL PROTECTED] Sent: Friday, March 03, 2006 1:08 PM To: botnets@whitestar.linuxbox.org Subject: [botnets] 2150 connections   Just curious...aside from this mailing list, has there been any attempt to contact some of the more notable victims on your list? (e.g. centcom.mil, nist.gov)

_______________________________________________
botnets mailing list
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets