No announcement yet.

IP's To Ban Right Now

  • Filter
  • Time
  • Show
Clear All
new posts

  • IP's To Ban Right Now

    Just got this info:

    ThreatCon Level is 2

    The DeepSight ThreatCon is currently at Level 2. On May 26, 2007 the DeepSight Threat Analyst Team became aware of a widespread web-based attack spanning numerous domains, that is believed to have affected over 10,000 computers so far. The attack makes use of the MPack exploit toolkit, which uses a battery of web-based client-side vulnerabilities to install malicious code onto a target system. Symantec Antivirus has been updated to include detections for the malcode being used in this attack. All vulnerabilities used in the attacks have been patched by the associated vendors. Currently 788 websites are known to be redirecting users to the site that carries out the attack. Some of the sites are believed to be legitimate pages that have been compromised, whereas others appear to have been created for the purpose of the attack. Blacklisting the IPs responsible for carrying out the actual exploitation should be sufficient to prevent exploitation. Administrators are advised to block the following two IP addresses: (