| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20040927190746.32822.qmail@web51504.mail.yahoo.com> From: keydet89 at yahoo.com (Harlan Carvey) Subject: New virus? Bernardo, Do you have access to this machine, either physically or remotely (as an admin)? If so, have you pulled any data from the system to see what's going on? --- Bernardo Santos Wernesback <bernardo@....com.br> wrote: > Hi everyone, > > Has anyone seen a lot of HTTP activity to a certain > site: > http://www.fotosgratis.pop.com.br ? > > One of our clients has several machines making tons > of requests for TXT > files on that server: > > botao.txt > mswinsck.txt > ita01.txt > caixa01.txt > teclado07.txt > caixa01.txt > caixa02.txt > caixa03.txt > caixa04.txt > caixa05.txt > > Thanks for any info., > > _____________________________________________________ > > Bernardo Santos Wernesback > > > > ESSE,ESS,SCSE,CCNA/DA, > > CCSA,CQS,MCP > > > > Consultant / ISH Tecnologia > > > > Phone: +55-27-3334-8900 > > Mobile: +55-27-8111-0884 > > Email: bernardo@....com.br > > PGP Fingerprint: > 6A42 3701 70D7 FD0F 5FA9 D232 CDD4 6189 EF43 > 95F5 > > > ===== ------------------------------------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ ------------------------------------------------------------------------
Powered by blists - more mailing lists