Educause Security Discussion mailing list archives
Marketscore proxies...
From: Jeff Kell <jeff-kell () UTC EDU>
Date: Tue, 12 Jan 2010 11:46:53 -0500
Marketscore proxy agents... rxm715 172.20.85.229 00:1D:09:C8:E8:8A PCP-3000-IDF-1-3 Fa0/44 { 3413B } Bryan-Brahan () utc edu < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_a> Signature > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_a> Classification > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_a> Total # > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_a> First > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_a> Last > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_d> ET USER_AGENTS MarketScore.com Spyware User Configuration and Setup Access policy-violation 1 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1844&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-12 00:36:48 2010-01-12 00:36:48 SPYWARE-PUT Hijacker marketscore runtime detection misc-activity 46 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=304&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-05 22:17:23 2010-01-12 00:36:48 SPYWARE-PUT Trackware relevantknowledge runtime detection successful-recon-limited 46 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1155&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-05 22:49:53 2010-01-12 16:39:43 ET MALWARE MarketScore.com Spyware Proxied Traffic policy-violation 12 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=934&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-11 20:25:56 2010-01-12 16:39:43 mvx421 172.20.67.127 00:14:22:AF:EF:52 NVH-CM-3 Fa0/12 { 423DD } Shaundella-Dowdell () utc edu < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_a> Signature > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_a> Classification > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_a> Total # > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_a> First > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_a> Last > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_d> SPYWARE-PUT Hijacker marketscore runtime detection misc-activity 7 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=304&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-06 15:02:17 2010-01-12 00:46:28 ET USER_AGENTS MarketScore.com Spyware User Configuration and Setup Access policy-violation 5 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1844&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-12 00:46:28 2010-01-12 00:46:55 ET MALWARE MarketScore.com Spyware Proxied Traffic policy-violation 20 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=934&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-11 22:34:22 2010-01-12 10:55:04 SPYWARE-PUT Trackware relevantknowledge runtime detection successful-recon-limited 74 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1155&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-06 15:01:56 2010-01-12 12:35:04 qpx236 172.20.81.12 00:23:AE:39:AB:F5 PCP-3000-IDF-2-1 Fa0/9 { 3221D } Mallory-Morton () utc edu < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_a> Signature > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=sig_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_a> Classification > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=class_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_a> Total # > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=occur_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_a> First > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=first_d> < <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_a> Last > <https://taran.utc.edu/BASE/base_stat_alerts.php?caller=&sort_order=last_d> SPYWARE-PUT Hijacker marketscore runtime detection misc-activity 22 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=304&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-08 19:30:35 2010-01-12 05:14:27 ET MALWARE MarketScore.com Spyware Proxied Traffic policy-violation 36 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=934&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-11 19:31:48 2010-01-12 05:14:27 SPYWARE-PUT Trackware relevantknowledge runtime detection successful-recon-limited 19 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1155&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-08 19:30:30 2010-01-12 05:14:27 ET USER_AGENTS MarketScore.com Spyware User Configuration and Setup Access policy-violation 3 <https://taran.utc.edu/BASE/base_qry_main.php?new=1amp;&sig%5B0%5D=%3D&sig%5B1%5D=1844&sig_type=1&submit=Query+DB&num_result_rows=-1>(0%) 2010-01-11 19:47:28 2010-01-12 05:14:27 Disabling. Jeff
Current thread:
- Marketscore proxies... Jeff Kell (Jan 12)
- <Possible follow-ups>
- Re: Marketscore proxies... Jeff Kell (Jan 12)
- Re: Marketscore proxies... Ken Connelly (Jan 12)
- Re: Marketscore proxies... Jeff Kell (Jan 12)