[152356] in North American Network Operators' Group
Re: Operation Ghost Click
daemon@ATHENA.MIT.EDU (Andrew Fried)
Thu Apr 26 17:56:35 2012
Date: Thu, 26 Apr 2012 17:56:01 -0400
From: Andrew Fried <andrew.fried@gmail.com>
To: leigh.porter@ukbroadband.com
In-Reply-To: <10BFFB88-881B-4C13-A039-C6A83C5943B1@ukbroadband.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I suggest you reach out to Shadowserver or Team Cymru if you're a
netblock owner. They can provide daily reports of infected IPs.
Andy
Andrew Fried
andrew.fried@gmail.com
On 4/26/12 5:50 PM, Leigh Porter wrote:
>
> On 26 Apr 2012, at 22:47, "Andrew Latham" <lathama@gmail.com<mailto:lathama@gmail.com>> wrote:
>
> On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart <jeroen@mompl.net<mailto:jeroen@mompl.net>> wrote:
>
> Yes its a major problem for the users unknowingly infected. To them
> it will look like their Internet connection is down. Expect ISPs to
> field lots of support s
>
> Is there a list of these temporary servers so I can see what customers are using them (indicating infection) and head off a support call with some contact?
>
> --
> Leigh
>
>
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________
