Educause Security Discussion mailing list archives

24 (more) botnet C&C


From: REN-ISAC <dodpears () INDIANA EDU>
Date: Mon, 23 Aug 2004 16:43:05 -0500

Forwarding reports of bot:

Botnets have been observed residing on the following command and control servers. Two US-based universities are being contacted directly about servers within their networks.

---

Doug Pearson
dodpears () indiana edu
Research and Education Networking ISAC
24x7 Watch Desk: ren-isac () iu edu, +1(327)278-6630

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.