Educause Security Discussion mailing list archives
keylogger botnet #!!edu2k4 born again
From: Doug Pearson <dodpears () INDIANA EDU>
Date: Tue, 20 Apr 2004 21:46:15 -0500
The keylogger botnet #!!edu2k4 mentioned here: Subject: keylogger bots on #!!edu2k4 Date: Thu, 08 Apr 2004 09:31:29 -0500 has resurfaced on what appears to be a rogue IRC using the DNS names: starman.cocaine.cc rofl.blood.gs Traffic is on port 6667. 124 .edu domains have been observed with bot. Working with Internet2 Abilene network engineering we placed a filter in the Abilene network against the host that resolves to the DNS names and have contacted the NOC serving that network. Doug Pearson Research and Education Networking ISAC http://www.ren-isac.net Watch Desk 24x7: +1(317)278-6630 ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- keylogger botnet #!!edu2k4 born again Doug Pearson (Apr 20)