Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x,

• From: Jan Czmok
• Date: Wed Aug 06 14:39:42 2003

Pascal Gloor ([email protected]) wrote:
> 
> >   The controlling node for this problem seems to be:
> >
> > spaley   [email protected]
> 
> This is me, and I blocked the channel. I'm part of the Abuse-Exploit Term of
> Undernet and an Undernet Administrator. I am, for sure, not the originator
> of those trojans!
> 

Hi Pascal,
Hi Nanog,

i remember that i saw an old cartoon on userfriendly. the 31337 way is:

!SYN 127.0.0.1 

let them SYN off their own network and repeat it until it stops.
it does not harm ANY resources, except the infected hosts.


just my .2 cents

--jan


-- 
Jan Czmok, Network Engineering & Support, Global Access Telecomm, Inc.
Ph.: +49 69 299896-35 - fax: +49 69 299896-40 - sip:13129*[email protected]

• References:
  • a list of hosts in a RPC BOTNET, mostly 209.x.x.x, Drew Weaver
  • Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x, neal rauhauser 402-301-9555
  • Re: a list of hosts in a RPC BOTNET, mostly 209.x.x.x, Pascal Gloor

• Prev by Date: RE: Server Redundancy
• Next by Date: Re: Server Redundancy
• Date Index
• Thread Index
• Author Index
• Historical