Full Disclosure mailing list archives

Re: Malformed DNS packets

From: daniel uriah clemens <daniel_clemens () autism birmingham-infragard org>
Date: Mon, 8 Dec 2003 17:57:41 +0000 (GMT)

At last the answer...

http://www.lurhq.com/sinit.html

Appears that the increase in DNS traffic is down to the Sinit P2P trojan.


Here are some packet captures for the calipso trojan.
Thanks again Joe!!

-Daniel Uriah Clemens

Esse quam videra
     (to be, rather than to appear)
                     -Moments of Sorrow are Moments of Sobriety
http://www.birmingham-infragard.org   | 2053284200
fingerprint: EDF0 6566 2A4A 220E 5760  EA1F 0424 6DF6 F662 F5BD

Attachment: malformed_DNS.obf.pcap
Description:

Current thread:

Malformed DNS packets Chris Brown (Dec 08)
- Re: Malformed DNS packets daniel uriah clemens (Dec 08)