[Emerging-Sigs] Blackhole served via Yahoo

Joel Esler jesler at sourcefire.com
Mon Dec 17 09:55:35 HAST 2012


I'm fairly positive they have been contacted judging by the sources of the blacklist information that we have.


On Dec 17, 2012, at 2:52 PM, Martin Holste <mcholste at gmail.com> wrote:

> Ok, so pretty recent then.  Anyone have a decent contact at Yahoo?  We have a lot of local businesses hosted on these IP's, so I don't want to block unless there's no option for remediation.  
> 
> 
> On Mon, Dec 17, 2012 at 1:50 PM, Joel Esler <jesler at sourcefire.com> wrote:
> On Dec 17, 2012, at 2:20 PM, Martin Holste <mcholste at gmail.com> wrote:
> 
>> That's definitely what's being dropped, but we haven't blocked due to so many legit pages on that IP.  Any idea how long they've been on your blacklist for?
> 
> Since the 13th of December.
> 
> --
> Joel Esler
> Senior Research Engineer, VRT
> OpenSource Community Manager
> Sourcefire
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-sigs/attachments/20121217/6f0a1900/attachment.html>


More information about the Emerging-sigs mailing list