Re: [Full-Disclosure] Malformed DNS packets
From: daniel uriah clemens <daniel_clemens@autism.birmingham-infragard.org>
Date: Mon Dec 08 2003 - 11:57:41 CST
Received on Mon Dec 08 18:35:29 2003
Date: Mon Dec 08 2003 - 11:57:41 CST
> At last the answer...
>
> http://www.lurhq.com/sinit.html
>
> Appears that the increase in DNS traffic is down to the Sinit P2P trojan.
Here are some packet captures for the calipso trojan.
Thanks again Joe!!
-Daniel Uriah Clemens
Esse quam videra
(to be, rather than to appear)
-Moments of Sorrow are Moments of Sobriety
http://www.birmingham-infragard.org | 2053284200
fingerprint: EDF0 6566 2A4A 220E 5760 EA1F 0424 6DF6 F662 F5BD
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- APPLICATION/octet-stream attachment: malformed_DNS.obf.pcap
This archive was generated by hypermail 2.1.8 : Mon Dec 08 2003 - 19:01:00 CST
Custom Search
