mailing list archives
Re: Compromised hosts lists
From: Jason Coombs <jasonc () science org>
Date: Tue, 21 Feb 2006 13:04:30 +1300
James Lay wrote:
I had heard tale of a site that had a semi-updated list of compromised
hosts. I was hoping that someone knows that link...would LOVE to be
able to get my firewall to get this list and auto-create an iptables
rule. Thanks all!
Various forms of malware autopopulate central compromised host
directories which botnet or drone army operators use to assemble their
lists... I've found these to be particularly useful in defending against
criminal prosecutions of persons whose Windows boxes were added to such
lists during a time period in which computer forensic evidence found in
their possession appears to incriminate their computer (and by
extension, the computer owner) as a tool of the alleged crime.
I'd like a better history of compromised hosts for this purpose, and
suggest that botnet operators be required to publish their logs. ;-)
jasonc () science org
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/