To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Looks like most of the pages have already been suspended but the 207.90.211.54 hit my honeypot a couple of days ago for "http://207.90.211.54/hey"; both seem to not be on the server anymore Looks like it came through for an ASN1 exploit on port 80...so unless someone has a capture of the "art|arts|hey" client I'm out.
Jake -------------- Original message ---------------------- From: [EMAIL PROTECTED] > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > I just don;t have time to look at it right now, so here is the link to > another botnet irc client: > > http://210.3.4.193/cmd.txt <<-- defacer > 70.168.74.193/strange <<-- downloader > 207.90.211.54/arts <<-- actual client > http://72.34.42.241/~dancing/bash <<-- spreader > > > peace out. > > ------------------------------------------------- > Email solutions, MS Exchange alternatives and extrication, > security services, systems integration. > Contact: [EMAIL PROTECTED] > > > _______________________________________________ > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > All list and server information are public and available to law enforcement > upon > request. > http://www.whitestar.linuxbox.org/mailman/listinfo/botnets _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
