Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x,

• From: neal rauhauser 402-301-9555
• Date: Wed Aug 06 12:35:50 2003

   Someone has changed the channel topic to "CLOSED, Thanks for the post
to NANOG :-("


  But I don't see hosts being k-lined - I imagine if IRCops took an
interest in this they'd be lopping off heads. 


  The controlling node for this problem seems to be:

spaley   [email protected]

  But the forward lookup on the name leads to RFC 1918 space.


  The nice folks in #hack seem to have taken an interest in this problem
... perhaps they have some secret t3kn33k for dealing with such things.



~I've tried contacting abuse departments of several of these isps and
none of them seem ~to care, so I figured I would post the info
~here, and maybe someone will let them know, the biggest offender is
atlantech. These ~are all hosts that have been compromised by
~the same person, they're being used to SYN flood 65.110.34.100

 

~If you want to see this glorious channel for your self its called
#!LPOL! on Undernet.

• Follow-Ups:
  • Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x, Andy Smith
  • Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x, Pascal Gloor

• References:
  • a list of hosts in a RPC BOTNET, mostly 209.x.x.x, Drew Weaver

• Prev by Date: Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x,
• Next by Date: Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x,
• Date Index
• Thread Index
• Author Index
• Historical