Full Disclosure mailing list archives
Re: Botnet Traffic
From: Derek Grocke <derek () madrock net>
Date: Fri, 24 Feb 2012 14:20:02 +1030
Hi James, I've found that using the Shadow Server network/ASN reports is very useful, depending on what analysis you are trying to do. http://www.shadowserver.org/wiki/pmwiki.php/Involve/GetReportsOnYourNetwork I.e. - Detected Botnet Command and Control servers - Infected systems (drones) - DDoS attacks (source and victim) - Scans - Clickfraud - Compromised hosts - Proxies - Spam relays - Malicious software droppers and other related information. - Compromised hosts - Proxies - Spam relays - Malicious software droppers and other related information. You could always create your own honeypot and/or partner with one of the carriers/ISP's to get live data. Thanks Derek On 24/02/2012, at 8:51 AM, James Smith <james () smithwaysecurity com> wrote: Hello, Can anyone on this list provide botnet network traffic for analysis, or Ip’s which have been infected. -- Sincerely; James Smith CEO, CEH, Security Analyst Email: james () smithwaysecurity com Phone: 1877-760-1953 Website: www.SmithwaySecurity.com CONFIDENTIALITY NOTICE: This communication with its contents may contain confidential and/or legally privileged information. It is solely for the use of the intended recipient(s). Unauthorized interception, review, use or disclosure is prohibited and may violate applicable laws including the Electronic Communications Privacy Act. If you are not the intended recipient, please contact the sender and destroy all copies of the communication. - This communication is confidential to the parties it was intended to serve - _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Botnet Traffic James Smith (Feb 23)
- Re: Botnet Traffic Sanguinarious Rose (Feb 23)
- Re: Botnet Traffic Derek Grocke (Feb 23)
- Re: Botnet Traffic Sardina, Dominick (Feb 24)
- <Possible follow-ups>
- Re: Botnet Traffic Hurgel Bumpf (Feb 23)
- Re: Botnet Traffic James Smith (Feb 23)