Blog for hpHosts, and whatever else I feel like writing about ....

Monday, 10 October 2011

Some TDL/TDSS rootkit sites to block

From my friend Conrad;

The following IPs are related to the TDL/TDSS rootkit. / appears to be a C&C server. is a Romanian host called Eurolan Solutions SRL, I've had this blocked for months with no ill-effects. is Petersburg Internet Network Ltd in Russia, the whole /16 is sparsely populated and blocking that would probably do no harm. is Latvia host RN Data SIA, given that Latvia hosts are such a sewer then blocking the /22 is probably also a good idea

Read more;

No comments: