I had a machine on my network that had was infected with some viruses
and malware. The machine has been wiped and rebuilt but I noticed
going thru my IDS logs for that day I saw a couple IP's in my lan that
were not mine and they were routable. Do some forms of malware/bots
have a static addresses? I have heard some bots have their own
network stack but I just wasn't clear if this was true or not because
I would just assume not, even though it would be harder to track down
the bot if they did have their own addresses but because of possible
routing issues I would think they would not go this way.
and malware. The machine has been wiped and rebuilt but I noticed
going thru my IDS logs for that day I saw a couple IP's in my lan that
were not mine and they were routable. Do some forms of malware/bots
have a static addresses? I have heard some bots have their own
network stack but I just wasn't clear if this was true or not because
I would just assume not, even though it would be harder to track down
the bot if they did have their own addresses but because of possible
routing issues I would think they would not go this way.
Thanks,
Nick
[ reply ]