Wired mag article on spammers playing traceroute games with trojaned boxes

Chris Boyd cboyd at gizmopartners.com
Thu Oct 9 15:51:08 UTC 2003



On Thursday, October 9, 2003, at 10:04  AM, Suresh Ramasubramanian 
wrote:

>
> http://www.wired.com/news/business/0,1367,60747,00.html
>
> -- 
> srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9
> manager, outblaze.com security and antispam operations
>
>
>

I found one of these today, as a matter of fact.  The spam was 
advertising an anti-spam package, of course.

The domain name is vano-soft.biz, and looking up the address, I get

Name:    vano-soft.biz
Addresses:  12.252.185.129, 131.220.108.232, 165.166.182.168, 
193.165.6.97
           12.229.122.9

A few minutes later, or from a different nameserver, I get

Name:    vano-soft.biz
Addresses:  131.220.108.232, 165.166.182.168, 193.165.6.97, 12.229.122.9
           12.252.185.129

This is a real Hydra.  If everyone on the list looked up vano-soft.biz 
and removed the trojaned boxes, would we be able to kill it?

--Chris
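Added example, not part of the original post: a Python sketch that parses the two nslookup answers quoted above and reports whether the address set changed between lookups or was only reordered, plus how many distinct networks the addresses span. The function names and the /16 grouping are assumptions made for illustration.

```python
import ipaddress
import re

# The two answers quoted in the post, copied with their wrapped lines intact.
LOOKUP_1 = """Name:    vano-soft.biz
Addresses:  12.252.185.129, 131.220.108.232, 165.166.182.168,
193.165.6.97
           12.229.122.9
"""
LOOKUP_2 = """Name:    vano-soft.biz
Addresses:  131.220.108.232, 165.166.182.168, 193.165.6.97, 12.229.122.9
           12.252.185.129
"""

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def parse_addresses(text):
    """Return the A records of an nslookup answer in the order listed.

    Only text after the 'Addresses:' label is scanned, so wrapped
    continuation lines are included and the resolver's own address is not.
    """
    _, _, tail = text.partition("Addresses:")
    return [ipaddress.ip_address(m) for m in IPV4.findall(tail)]

def is_rotation(a, b):
    """True if b is a cyclic shift of a (round-robin reordering of one set)."""
    return a == b or (len(a) == len(b) and any(a[i:] + a[:i] == b for i in range(len(a))))

def compare(first, second, prefix=16):
    """Diff two answers: churn in the set, ordering, and network spread."""
    a, b = parse_addresses(first), parse_addresses(second)
    nets = {ipaddress.ip_network(f"{ip}/{prefix}", strict=False) for ip in set(a) | set(b)}
    return {
        "added": sorted(set(b) - set(a)),
        "removed": sorted(set(a) - set(b)),
        "rotation_only": is_rotation(a, b),
        "distinct_networks": len(nets),
    }

if __name__ == "__main__":
    print(compare(LOOKUP_1, LOOKUP_2))
```

Run against answers collected over a longer period, a non-empty `added` or `removed` list shows when hosts enter or leave the record set, which a reordering alone does not.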



