[Emerging-Sigs] Whatismyip Sigs

Joel Esler eslerj at gmail.com
Thu Jan 15 00:16:53 EST 2009


Probably how most malware should be handled at stage one.

Joel

On Jan 14, 2009, at 10:24 PM, David Glosser allegedly wrote:

> <evil thought>
> what would happen to the malware if these ip check-on sites were
> pointed to  127.0.0.1 or to a false address?
> </evil thought>
>
> On Wed, Jan 14, 2009 at 10:21 PM, Paul Dokas <dokas at oitsec.umn.edu>  
> wrote:
>> Matt Jonkman wrote:
>>> Forgot to ask, anyone know of other sites that are commonly used by
>>> malware? These are 95% of what we see in the sandnet.
>>
>> We've seen malware hit ipchicken.com.
>>
>> Paul
>> --
>> Paul Dokas                                     dokas at  
>> oitsec.umn.edu
>> = 
>> =====================================================================
>> Don Juan Matus:  "an enigma wrapped in mystery wrapped in a  
>> tortilla."
>> _______________________________________________
>> Emerging-sigs mailing list
>> Emerging-sigs at emergingthreats.net
>> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>>
> _______________________________________________
> Emerging-sigs mailing list
> Emerging-sigs at emergingthreats.net
> http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs


--
Joel Esler
  http://www.joelesler.nethttp://www.twitter.com/joelesler
[m]



More information about the Emerging-sigs mailing list