Archive for January, 2009

Quick RFI Analysis

January 28, 2009 by Jose Nazario

I’ve started to collect RFI attempts, logging the attacking IP and what the URL they’re trying to include is. I’ve started to work on this because I’m looking for certain botnets and tools used by them, and they’re not accessible otherwise. This seems like an under-studied area of botnet tracking. Most of the time I [...]


ICANN Fast Flux Document: Comment Period

January 27, 2009 by Jose Nazario

The ICANN May08 Fast Flux PDP Working Group has released a report on fast flux service networks, outlining the scope of the problem and ICANN’s possible role in addressing it. It leaves a few questions unanswered and also leaves ICANN’s role as unresolved. This is your big chance to get into the fray and comment [...]


iWorkServices == P2P iBotnet

January 23, 2009 by Jose Nazario

If you want iWork 09 and didn’t want to pay for it, you may have grabbed a pirated copy. That may not have been all you got. If you wanted your Mac to be a part of a P2P botnet, then you’re in luck! It turns out the package you may have downloaded over BitTorrent, [...]
