lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20031208175627.Y18131-101000@birmingham-infragard.org>
From: daniel_clemens at autism.birmingham-infragard.org (daniel uriah clemens)
Subject: Malformed DNS packets


> At last the answer...
>
> http://www.lurhq.com/sinit.html
>
> Appears that the increase in DNS traffic is down to the Sinit P2P trojan.

Here are some packet captures for the calipso trojan.
Thanks again Joe!!

-Daniel Uriah Clemens

Esse quam videra
     (to be, rather than to appear)
	             -Moments of Sorrow are Moments of Sobriety
http://www.birmingham-infragard.org   | 2053284200
fingerprint: EDF0 6566 2A4A 220E 5760  EA1F 0424 6DF6 F662 F5BD

-------------- next part --------------
A non-text attachment was scrubbed...
Name: malformed_DNS.obf.pcap
Type: application/octet-stream
Size: 726584 bytes
Desc: 
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031208/6e39abac/malformed_DNS.obf.obj

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ