lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7227172167468617741@unknownmsgid>
Date: Fri, 24 Feb 2012 14:20:02 +1030
From: Derek Grocke <derek@...rock.net>
To: James Smith <james@...thwaysecurity.com>
Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Botnet Traffic

Hi James,

I've found that using the Shadow Server network/ASN reports is very useful,
depending on what analysis you are trying to do.

http://www.shadowserver.org/wiki/pmwiki.php/Involve/GetReportsOnYourNetwork

I.e.
 - Detected Botnet Command and Control servers
 - Infected systems (drones)
 - DDoS attacks (source and victim)
 - Scans
 - Clickfraud
 - Compromised hosts
 - Proxies
 - Spam relays
 - Malicious software droppers and other related information.
 - Compromised hosts
 - Proxies
 - Spam relays
 - Malicious software droppers and other related information.

You could always create your own honeypot and/or partner with one of the
carriers/ISP's to get live data.


Thanks
Derek

On 24/02/2012, at 8:51 AM, James Smith <james@...thwaysecurity.com> wrote:

 Hello,

Can anyone on this list provide botnet network traffic for analysis, or
Ip’s which have been infected.
-- 
Sincerely;


James Smith
CEO, CEH, Security Analyst
Email: james@...thwaysecurity.com
Phone: 1877-760-1953
Website: www.SmithwaySecurity.com


CONFIDENTIALITY NOTICE: This communication with its contents may contain
confidential and/or legally privileged information. It is solely for the
use of the intended recipient(s). Unauthorized interception, review, use or
disclosure is prohibited and may violate applicable laws including the
Electronic Communications Privacy Act. If you are not the intended
recipient, please contact the sender and destroy all copies of the
communication.

- This communication is confidential to the parties it was intended to
serve -

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ