nanog mailing list archives
Re: Operation Ghost Click
From: Sam Tetherow <tetherow () shwisp net>
Date: Fri, 27 Apr 2012 12:22:10 -0500
On 04/26/2012 05:00 PM, Andrew Latham wrote:
On Thu, Apr 26, 2012 at 5:57 PM, Kyle Creyts<kyle.creyts () gmail com> wrote:http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf On Apr 26, 2012 5:48 PM, "Leigh Porter"<leigh.porter () ukbroadband com> wrote:On 26 Apr 2012, at 22:47, "Andrew Latham" <lathama () gmail com<mailto:lathama () gmail com>> wrote: On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart <jeroen () mompl net<mailto:jeroen () mompl net>> wrote: Yes its a major problem for the users unknowingly infected. To them it will look like their Internet connection is down. Expect ISPs to field lots of support s Is there a list of these temporary servers so I can see what customers are using them (indicating infection) and head off a support call with some contact? -- Leigh85.255.112.0 through 85.255.127.255 67.210.0.0 through 67.210.15.255 93.188.160.0 through 93.188.167.255 77.67.83.0 through 77.67.83.255 213.109.64.0 through 213.109.79.255 64.28.176.0 through 64.28.191.255
Or for those that don't want to do the math, here they are in CIDR notation 85.255.112.0/20 67.210.0.0/20 93.188.160.0/21 77.67.83.0/24 213.109.64.0/20 64.28.176.0/20
Current thread:
- Operation Ghost Click Jeroen van Aart (Apr 26)
- Re: Operation Ghost Click Andrew Latham (Apr 26)
- Re: Operation Ghost Click Leigh Porter (Apr 26)
- Re: Operation Ghost Click Andrew Fried (Apr 26)
- Re: Operation Ghost Click Kyle Creyts (Apr 26)
- Re: Operation Ghost Click Andrew Latham (Apr 26)
- Re: Operation Ghost Click Kyle Creyts (Apr 26)
- Re: Operation Ghost Click Sam Tetherow (Apr 27)
- Re: Operation Ghost Click Leigh Porter (Apr 26)
- Re: Operation Ghost Click Andrew Latham (Apr 26)
- Re: Operation Ghost Click Paul Graydon (Apr 26)
- RE: Operation Ghost Click Frank Bulk (Apr 26)
- Re: Operation Ghost Click Jeff Kell (Apr 26)
- RE: Operation Ghost Click O'Reirdan, Michael (Apr 27)
- Re: Operation Ghost Click Jeroen van Aart (Apr 27)
- Re: Operation Ghost Click Ameen Pishdadi (Apr 27)
- Re: Operation Ghost Click ryanL (Apr 27)
- Re: Operation Ghost Click Ameen Pishdadi (Apr 27)
- Re: Operation Ghost Click Valdis . Kletnieks (Apr 27)
- Message not available
- Message not available
- Re: Operation Ghost Click A. Pishdadi (Apr 27)