InfoSec Handlers Diary Blog - Got PushDo SSL packets?

SANS ISC: InfoSec Handlers Diary Blog - Got PushDo SSL packets?

SANS Site Network
- Current Site
- Internet Storm Center
- Other SANS Sites Help
- Graduate Degree Programs
- Security Training
- Security Certification
- Security Awareness Training
- Penetration Testing
- Industrial Control Systems
- Cyber Defense Foundations
- DFIR
- Software Security
- Government OnSite Training

InfoSec Handlers Diary Blog

Got PushDo SSL packets?

Published: 2010-01-30
Last Updated: 2010-01-30 11:09:16 UTC
by Stephen Hall (Version: 1)

Steven Adair over at ShadowServer has posted a blog entry about the strange going's on with the PushDo botnet. There has been a large rise in the detection of SSL packets hitting a number of domains, www.sans.org included.

If you are the admin of one of these 315 sites and you can grab some of these packets in a pcap and your willing to share, can you upload them via our contact form so that we can compare with what we are seeing.

Have a good weekend.

Steve Hall
ISC Handler of the day

Keywords: PushDo

2 comment(s)

Top of page

Diary Archives