Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Using Magic Values along with filetype to find malicious files (was RE: Google Malware Search)

From: "Dude VanWinkle" <dudevanwinkle () gmail com>
Date: Mon, 17 Jul 2006 18:23:30 -0400
On 7/17/06, Valdis.Kletnieks () vt edu <Valdis.Kletnieks () vt edu> wrote:

On Mon, 17 Jul 2006 17:27:30 EDT, Dude VanWinkle said:

> Hmm, any bets on who is the most infected TLD...  :-)
>
> -JP<who is betting on .ru>

"Biggest source of malware" isn't the same as "most infected".

I'm betting on .com/.net (the US cablemodem/DSL section of that),
.ko, and .cn as being the biggest contenders for infected.



hmm, is there a way to search particular IP blocks rather than DNS
namespaces with google?

-JP<who meant biggest source of malware, but give him a break, its 100
degrees out, not counting the heat index>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: