[AusNOG] FW: Apparent "encrypted" P2P botnet using port 8/tcp

Jacques Kosky jmkosky at vicnet.net.au
Tue May 2 15:40:28 EST 2006

At 03:27 PM 5/2/2006, Terry Manderson wrote:
>Hi Matthew,
>Thanks for the heads up.. I've already added a
>log statement for any ingress or egress traffic
>on port 8/tcp. If I see any I will pass on.

Hi Folks
We have just done a traffic analysis (using Netflow) on one of our 
customers DSL connections and are seeing a bit of traffic on TCP port 8 
much of it 92 octets.

More information about the AusNOG mailing list