Project Black Water – Block These IP addresses

The following IP addresses were caught in one of my honeypots uploading malicious software. Often times they attacked the server several times with the same sample. Below are the IP addresses logged by the honeypot uploading malicious code. These IPs should be blocked by your firewall and perhaps your DMZ. You should also search your logs for these addresses:

Reporting Period Covered: 2010-01-23 to 2010-02-01:

Read more here: http://www.msiaguy.com/projects/project-black-water/

Print Friendly, PDF & Email

Leave a Reply