[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Happy New Year! Let the botnets loose!

Subject: Happy New Year! Let the botnets loose!
From: jbates at brightok.net (Jack Bates)
Date: Fri, 02 Jan 2009 14:23:14 -0600

 From reports in the CBL database, it appears they have enjoyed some DOS 
traffic yesterday, and I'm currently enjoying a little 40k+ botnet 
attack (small botnet beats large one when you host the victim IP).

Anyone have any good resources on the breakdowns of the current known 
botnets and their traffic patterns? This one appears to use random IP 
protocol numbers, and extremely small packets. IP 255 and ICMP type 70 
seem popular on this one, but I see a lot of randomness.

Feel free to reply offlist if you have some good resources.

Jack Bates

Prev by Date: Security team successfully cracks SSL using 200 PS3's and MD5 flaw.
Next by Date: Looking for verification that Google and Akamai have the geo-ip for 96.31.0.0/20 set correctly
Previous by thread: Weekly Routing Table Report
Next by thread: Anyone else seeing loss in SAVVIS?
Index(es):
- Date
- Thread