Educause Security Discussion mailing list archives

Re: FW: 1500+ client active botnet

From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Fri, 30 Jan 2004 17:02:02 -0500

Thanks Mark.  I was able to watch an (apparently) compromised PC
use a python script to download a gzipped bundle from one of the
IPs in your list as a result of your message.

H. Morrow Long, CISSP, CISM

Director - Information Security
Yale University, ITS

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.

Attachment: smime.p7s
Description:

Current thread:

FW: 1500+ client active botnet Bruhn, Mark S. (Jan 30)
- <Possible follow-ups>
- Re: FW: 1500+ client active botnet Bruhn, Mark S. (Jan 30)
- Re: FW: 1500+ client active botnet H. Morrow Long (Jan 30)