AV Tracker

Posted by Junaid August 3, 2010

Ever set up a multi/handler and get an odd IP hitting it? Probably forgot about it as internet chatter? Think again, you might have just been caught.



AV Tracker – ( http://avtracker.info/ ) is a site that tracks the different IP addresses, hostnames, computer names and user agents that AV and other “Submit-your-malware-here” drop boxes use.
Peter Kleissner and his team provide

  • ranges that the hosts use
  • a dynamic text file with the IP addresses listed if you want to add it to some auto updating block list
  • a line by line IPTABLES block config
  • and even C code to add into your binary to make sure it doesn’t talk out from one of those addresses (I could be reading it wrong, still a beginner in C)
The team has been criticized a lot by AV vendors, enough so the took down the site in January of this year. But it came back June 5th.

, edit post
blog comments powered by Disqus
Subscribe To Guide 29

Enter your email address:

Delivered by FeedBurner

Join On Social Networks
  • Subscribe to RSS feed
  • Become Fan On FB
  • Follow Updates on Twitter
  • Be A Friend on Digg
  • Follow On SU

Become A Fan

Tags