Ever set up a multi/handler and get an odd IP hitting it? Probably wrote it off as internet chatter? Think again, you might have just been caught.
AV Tracker (http://avtracker.info/) is a site that tracks the different IP addresses, hostnames, computer names and user agents that AV and other “Submit-your-malware-here” drop boxes use.
Peter Kleissner and his team provide:

- ranges that the hosts use
- a dynamic text file with the IP addresses listed, if you want to add it to some auto-updating block list
- a line-by-line IPTABLES block config
- and even C code to add into your binary to make sure it doesn’t talk out from one of those addresses (I could be reading it wrong, still a beginner in C)

The team has been criticized a lot by AV vendors, enough so that they took down the site in January of this year.