On Fri, 19 Oct 2012 03:22:04 +0330, kaveh ghaemmaghami said: > I appreciate his analyze coz if somebody gets pwn in my network i > don't have to spend time for reversing and analyzing this malware . No, if you find one of these in your network, it means you have *bigger* problems that you *do* need to spend time on. The exploit is against the C&C (Command and Control) server, *not* the bot end. In other words - if you find this one on your net, it means somebody has been *controlling* a botnet from a host on your net. Just a tad more serious than just finding a botted host.
Attachment:
pgpeiBHz8eRM8.pgp
Description: PGP signature
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/