Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

22 botnet servers

From: dodpears <dodpears () INDIANA EDU>
Date: Mon, 23 Aug 2004 05:50:21 -0500
Forwarding reports of bot:

Doug Pearson
dodpears () indiana edu
Research and Education Networking ISAC
24x7 Watch Desk: ren-isac () iu edu, +1(327)278-6630


Botnets have been observed residing on the following command and control
servers. The malware and channels are unknown.

Server IP: 61.128.198.25
Server AS: 4134 (CHINANET-BACKBONE No.31,Jin-ro)
Server Name:

Server IP: 222.98.247.117
Server AS: 4766 (KIXS-AS-KR Korea Telecom)
Server Name: irc.dxl-saved.us

Server IP: 140.122.130.251
Server AS: 1659 (ERX-TANET-ASN1 Tiawan Academic)
Server Name: irc.dxl-saved.us

Server IP: 66.90.119.39
Server AS: 6517 (YIPS Yipes Communications, Inc)
Server Name: irc.cali420.net

Server IP: 193.65.32.13
Server AS: 790 (KQFI EUnet Finland)
Server Name: devil.ima.silol.net

Server IP: 194.47.247.230
Server AS: 1653 (SUNET SUNET Swedish University)
Server Name: nsa1.gov

Server IP: 147.188.63.154
Server AS: 29212 (SYNETRIX-AS Synetrix Ltd.)
Server Name: nsa.gov

Server IP: 157.181.193.139
Server AS: 2012 (ELTENET)
Server Name: hub1.0wnage.net

Server IP: 141.62.64.112
Server AS: 553 (BELWUE Landeshochschulnetz Bad)
Server Name: nsa2.gov

Server IP: 209.248.89.130
Server AS: 15221 (VANO Vanion, Inc.)
Server Name: FF-02

Server IP: 207.36.17.13
Server AS: 3064 (CIT-41 CyberGate Internet Tech)
Server Name: irc.primarydns.com

Server IP: 194.146.227.98
Server AS: 29415 (OVANET-GBL-NET-FR-AS OVANET Fr)
Server Name: sd415.sivit.org

Server IP: 193.77.182.23
Server AS: 5603 (SIOL-NET SiOL Internet d.o.o.)
Server Name: Crazy.man

Server IP: 66.227.8.9
Server AS: 6517 (YIPS Yipes Communications, Inc)
Server Name: net.st0rmhosting.com

Server IP: 67.19.77.12
Server AS: 13884 (TPCM ThePlanet.com Internet Se)
Server Name: samurai.turkcoders.net

Server IP: 24.101.220.202
Server AS: 812 (ROCB Rogers Cable Inc.)
Server Name: xXx.org

Server IP: 64.124.166.241
Server AS: 30407 (RCPNE Rcp.net)
Server Name: demon.turkcoders.net

Server IP: 220.117.2.204
Server AS: 4766 (KIXS-AS-KR Korea Telecom)
Server Name: trinity.gmail.com

Server IP: 216.15.75.57
Server AS: 6079 (RCN RCN Corporation)
Server Name: We.Love.Sex8

Server IP: 69.50.185.244
Server AS: 27595 (ATRIV Atrivo)
Server Name: spider.web

Server IP: 68.80.106.239
Server AS: 22909 (CMCS Comcast Cable Communicati)
Server Name: hub52.seriumownz.net

Server IP: 67.50.83.145
Server AS: 5650 (ELIX Electric Lightwave Inc)
Server Name: Darkness12.CroNation.net

-o0o-

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: