> At last the answer...
>
> http://www.lurhq.com/sinit.html
>
> Appears that the increase in DNS traffic is down to the Sinit P2P trojan.
Here are some packet captures for the calipso trojan.
Thanks again Joe!!
-Daniel Uriah Clemens
Esse quam videra
(to be, rather than to appear)
-Moments of Sorrow are Moments of Sobriety
http://www.birmingham-infragard.org | 2053284200
fingerprint: EDF0 6566 2A4A 220E 5760 EA1F 0424 6DF6 F662 F5BD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2.1.8 : Mon Dec 08 2003 - 19:01:00 CST
