[dns-operations] MX record scanning
Tony Finch
dot at dotat.at
Tue May 10 15:03:59 UTC 2011
Antoin Verschuren <antoin.verschuren at sidn.nl> wrote:
>
> The question now is, what to do with the data.
> If you analyse your querylog with the characterisics above, you have an
> almost certain list of affected botnet clients.
> Should we alert local CERTs to inform ISP's to tell their customers ?
Might also be helpful to ask Spamhaus if they could make use of the data.
Tony.
--
f.anthony.n.finch <dot at dotat.at> http://dotat.at/
Rockall, Malin, Hebrides: South 5 to 7, occasionally gale 8 at first in
Rockall and Malin, veering west or northwest 4 or 5, then backing southwest 5
or 6 later. Rough or very rough. Occasional rain. Moderate or good,
occasionally poor.
More information about the dns-operations
mailing list