[Dshield] nsave.stabilt.se

aihomes at comcast.net aihomes at comcast.net
Thu Sep 27 23:27:08 GMT 2007

I've checked a handful of botnet listings including shadowserver.org, but none list the resolved IP of this host. 

TrendMicro posted a highly relevant write-up on the threat and I've seen it in action:


The network traffic pattern described is dead on - haven't perform a forensic yet to identify the variant, but will update the thread. Here is a report from DNS stuff who have the domain name cached:


Just wanted to inform the community. 


Sent from my BlackBerry® wireless handheld

More information about the list mailing list