Re: Botnet Servers

[Stephanus J Alex Taidri <securityfocus.ae () taidri com>]

Hi Peter,

Thanks for sharing this part below:
http://kb.bothunter.net/ipInfo/IPRep.php?IP=xx.xx.xx.xx

It's simple but effective! -- I hope the database is accurate.

I wonder who's behind this good service (kb.bothunter.net) and whether
anyone had ever validate this against known malicious URLs.

Kind regards,
SJ Alex Taidri

On Wed, May 9, 2012 at 3:19 AM, Peter Milleson <pitr256 () gmail com> wrote:
> Hi Mahmoud,
>
> I have found the kb.bothunter.net has a very good and updated tracking
> of malware propagation hosts and botnet C&Cs. They also have a fairly
> easy to extend function to look up whether an IP is malicious or not,
> i.e.: http://kb.bothunter.net/ipInfo/IPRep.php?IP=xx.xx.xx.xx where
> xx.xx.xx.xx is the IP you are querying information on.
>
> Zeus tracker (https://zeustracker.abuse.ch/) does a good job as well
> but not as easy to extend with a simple web query but their data is
> downloadable.
>
> Regards,
>
> Peter
>
> On Tue, May 8, 2012 at 1:47 PM, Thugzclub <thugzclub () googlemail com> wrote:
> > Look at the symantec solutions. What end point solution are you using?
> >
> >
> >
> > On 7 May 2012, at 01:31, Mahmoud Kaddoura <Mahmoud.Kaddoura () injazat com> wrote:
> >
> > > Hi
> > >
> > > I am wondering if there is a specific and updated list of botnet servers that we can monitor against since the End 
> > > Point Protection is not detecting them in some cases
> > >
> > > Regards,
> > > Mahmoud
> > >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Hani Habashy
> > > Sent: Friday, May 04, 2012 10:30 PM
> > > To: 'Ahmed RAHAL'; 'Thugzclub'
> > > Cc: pen-test () securityfocus com; security-basics () securityfocus com
> > > Subject: RE: Firewall Review
> > >
> > > Kiwi syslog is windows environment options as well.  If you have it in the budget checkout Palo Alto Firewalls.  
> > > It has some really cool logging abilities and can get right down the user.
> > >
> > > Thanks,
> > >
> > >
> > > Hani Habashy
> > > Director of Information Technology
> > >
> > >
> > > -----Original Message-----
> > > From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ahmed RAHAL
> > > Sent: Friday, May 04, 2012 2:06 PM
> > > To: Thugzclub
> > > Cc: pen-test () securityfocus com; security-basics () securityfocus com
> > > Subject: Re: Firewall Review
> > >
> > > Hi,
> > >
> > > I liked webmin's firewall module a lot. It looks clean and has all possible options.
> > >
> > > You'll have to create a 'standard' firewall configuration file with 'iptables-save' to make it parsable. But from 
> > > there, it is quite straigt forward to understand.
> > >
> > > This removes the pain of the very frustrating (yet logical) command line. Besides, good knowledge of iptables is 
> > > not optional ;)
> > >
> > > bye,
> > >
> > > Le vendredi 04 mai 2012 à 13:26 +0100, Thugzclub a écrit :
> > > > Guys - I think you may have misunderstood me. I want something to consume existing firewall rules and present 
> > > > them in a GUI so that I can review it...
> > > >
> > > >
> > > >
> > > > On 4 May 2012, at 07:07, Thugzclub <thugzclub () googlemail com> wrote:
> > > >
> > > > > Hi,
> > > > >
> > > > > I need to review an IPtables rule set  but Iptable syntax is killing me :((. Any guidance on tools that can 
> > > > > simplify it?
> > > > >
> > > > >
> > > > > cheers
> > > > >
> > > > >
> > > > > On 3 May 2012, at 20:12, David Bridgman <David.Bridgman () lifelock com> wrote:
> > > > >
> > > > > > You could get a product like Splunk or setup a Linux box with syslogng and zabbix for the monitoring and 
> > > > > > logging. External companies that monitor firewalls usually create an ssl or vpn connection via the internet to 
> > > > > > your devices to pull in logging information. Depending on what you would like them to do, just logging or 
> > > > > > config changes you will need to give them access for this.
> > > > > >
> > > > > > David Bridgman, CISSP
> > > > > > Sr. Information Security Engineer | LifeLock® - Relentlessly
> > > > > > Protecting Your IdentityT
> > > > > > 480.457.2029 Office | 480.253.2633 Cell David.Bridgman () lifelock com
> > > > > > 60 E. Rio Salado Parkway, Suite 400, Tempe, AZ 85281
> > > > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: listbounce () securityfocus com
> > > > > > [mailto:listbounce () securityfocus com] On Behalf Of a bv
> > > > > > Sent: Thursday, May 03, 2012 5:25 AM
> > > > > > To: security-basics () securityfocus com
> > > > > > Subject: Firewall availability and reporting
> > > > > >
> > > > > > Hi,
> > > > > >
> > > > > > Im again in need of  firewall availability and reporting. Is there a solution you can recommend? There are 
> > > > > > companies at web which says we are doing firewall external monitoring but i doent know how do they technically 
> > > > > > do that and how reliable and good working .
> > > > > >
> > > > > >
> > > > > > Regards
> > > > > >
> > > > > > -------------------------------------------------------------------
> > > > > > ----- Securing Apache Web Server with thawte Digital Certificate In
> > > > > > this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > > > > > how it benefits your company and how your customers can tell if a site is secure. You will find out how to 
> > > > > > test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best 
> > > > > > practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys 
> > > > > > and digital certificates.
> > > > > >
> > > > > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6
> > > > > > be442f727d1
> > > > > > -------------------------------------------------------------------
> > > > > > -----
> > > > > >
> > > > > >
> > > > > > ___________________________________________________________________
> > > > > > __________ The information contained in this transmission may
> > > > > > contain privileged and confidential information. It is intended only for the use of the person(s) named above. 
> > > > > > If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or 
> > > > > > duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact 
> > > > > > the sender by reply email and destroy all copies of the original message.
> > > > > > ___________________________________________________________________
> > > > > > __________
> > > > > >
> > > > > > -------------------------------------------------------------------
> > > > > > ----- Securing Apache Web Server with thawte Digital Certificate In
> > > > > > this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > > > > > how it benefits your company and how your customers can tell if a site is secure. You will find out how to 
> > > > > > test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best 
> > > > > > practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys 
> > > > > > and digital certificates.
> > > > > >
> > > > > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6
> > > > > > be442f727d1
> > > > > > -------------------------------------------------------------------
> > > > > > -----
> > > >
> > > > ----------------------------------------------------------------------
> > > > -- Securing Apache Web Server with thawte Digital Certificate In this
> > > > guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how it 
> > > > benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > > > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > > > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > > > certificates.
> > > >
> > > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be4
> > > > 42f727d1
> > > > ----------------------------------------------------------------------
> > > > --
> > >
> > > --
> > > =================================================
> > > Ahmed Rahal <arahal () iweb com> / iWeb Technologies =================================================
> > >
> > >
> > > ------------------------------------------------------------------------
> > > Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL 
> > > and who needs an SSL certificate.  We look at how SSL works, how it benefits your company and how your customers 
> > > can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital 
> > > Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure 
> > > efficient ongoing management of your encryption keys and digital certificates.
> > >
> > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > ------------------------------------------------------------------------
> > >
> > >
> > >
> > >
> > > Confidentiality Notice:  The contents of this message, together with any attachments, are intended only for the 
> > > use of the
> > > person(s) to which they are addressed and may contain confidential and/or privileged information.  Further, any 
> > > medical  information herein is confidential and protected by law. It is unlawful for unauthorized persons to use, 
> > > review, copy, disclose, or disseminate confidential medical information. If you are not the intended recipient, 
> > > immediately advise the  sender and delete this message and any attachments. Any distribution, or copying of this 
> > > message, or any attachment, is prohibited.
> > >
> > >
> > > ------------------------------------------------------------------------
> > > Securing Apache Web Server with thawte Digital Certificate
> > > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > > how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > > certificates.
> > >
> > > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > > ------------------------------------------------------------------------
> > >
> > > Disclaimer:
> > > This e-mail message is intended solely for the individual or organization to which it is addressed. This message 
> > > with all of its attachments (if any) may contain privileged and/or confidential information.
> > > Views, opinions or conclusive remarks expressed in this message are those of the sender and do not necessarily 
> > > express the views of Injazat Data Systems LLC and its related companies.
> > > If you are not the intended recipient of this message, please immediately advise the sender by reply email or by 
> > > telephone call to the number above or +971 2 699 2700; please also permanently delete this message.
> > > Any unauthorized use, printing, copying, retention, disclosure or distribution of this message is strictly 
> > > prohibited.
> > >
> > > This email message has been scanned for the presence of computer viruses.
> >
> > ------------------------------------------------------------------------
> > Securing Apache Web Server with thawte Digital Certificate
> > In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> > how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> > purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> > set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> > certificates.
> >
> > http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> > ------------------------------------------------------------------------
>
> ------------------------------------------------------------------------
> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
> how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
> purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
> set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
> certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
> ------------------------------------------------------------------------

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------