nanog mailing list archives

Re: Operation Ghost Click

From: Kyle Creyts <kyle.creyts () gmail com>
Date: Thu, 26 Apr 2012 17:57:36 -0400

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
On Apr 26, 2012 5:48 PM, "Leigh Porter" <leigh.porter () ukbroadband com>
wrote:


On 26 Apr 2012, at 22:47, "Andrew Latham" <lathama () gmail com<mailto:
lathama () gmail com>> wrote:

On Thu, Apr 26, 2012 at 5:38 PM, Jeroen van Aart <jeroen () mompl net<mailto:
jeroen () mompl net>> wrote:

Yes its a major problem for the users unknowingly infected.  To them
it will look like their Internet connection is down.  Expect ISPs to
field lots of support s

Is there a list of these temporary servers so I can see what customers are
using them (indicating infection) and head off a support call with some
contact?

--
Leigh


______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com
______________________________________________________________________

Current thread:

Operation Ghost Click Jeroen van Aart (Apr 26)
- Re: Operation Ghost Click Andrew Latham (Apr 26)
  - Re: Operation Ghost Click Leigh Porter (Apr 26)
    - Re: Operation Ghost Click Andrew Fried (Apr 26)
    - Re: Operation Ghost Click Kyle Creyts (Apr 26)
    - Re: Operation Ghost Click Andrew Latham (Apr 26)
    - Re: Operation Ghost Click Kyle Creyts (Apr 26)
    - Re: Operation Ghost Click Sam Tetherow (Apr 27)
  - Re: Operation Ghost Click Paul Graydon (Apr 26)
    - RE: Operation Ghost Click Frank Bulk (Apr 26)
  - Re: Operation Ghost Click Jeff Kell (Apr 26)
    - RE: Operation Ghost Click O'Reirdan, Michael (Apr 27)
    - Re: Operation Ghost Click Jeroen van Aart (Apr 27)
    - Re: Operation Ghost Click Ameen Pishdadi (Apr 27)
    - Re: Operation Ghost Click ryanL (Apr 27)

(Thread continues...)