[Dshield] research.microsoft.com - naughty or nice?

TheGesus thegesus at gmail.com
Tue Aug 9 19:20:29 GMT 2005


http://www.dshield.org/warning_explanation.php?fip=131.107.65.14&Submit=Submit

:~# host 131.107.65.14
14.65.107.131.in-addr.arpa domain name pointer research.microsoft.com.

http://www.theregister.co.uk/2005/08/09/ms_honeymonkey/

"Microsoft 's experimental Honeymonkey project has found almost 750
web pages that attempt to load malicious code onto visitors' computers
and detected an attack using a vulnerability that had not been
publicly disclosed, the software giant said in a paper released this
month.

"Known more formally as the Strider Honeymonkey Exploit Detection
System, the project uses automated Windows XP clients to surf
questionable parts of the Web looking for sites that compromise the
systems without any user interaction. In the latest experiments,
Microsoft has identified 752 specific addresses owned by 287 websites
that contain programs able to install themselves on a completely
unpatched Windows XP system."



More information about the list mailing list