New service - the Team Cymru Malware Hash Registry!
steve.freegard at fsl.com
Tue Oct 28 16:22:35 GMT 2008
> Running here against latest beta (with freeBSD v.old and exim).
> So far so good - no hits yet so hard to say, but performance could be an issue for people, I've noticed a marked slow down in overall scanning times even with the caching DNS etc
It would seen that it's international bandwidth that is the issue.
I wrote and tested the scanner this morning on one of the FSL test boxes
which is in Washington DC on a 10Mb Comcast cable line and have yet to
see a timeout.
However - just tried this on my laptop:
smf at laptop-smf:~$ ./generic_hash_scanner.pl *.pl
INFO::ERROR::Timed out after 30 seconds (4 remaining sockets waiting
after 29 checks)
smf at laptop-smf:~$ host -t NS hash.cymru.com
hash.cymru.com name server ns1.hash.cymru.com.
hash.cymru.com name server ns2.hash.cymru.com.
smf at laptop-smf:~$ host ns1.hash.cymru.com
ns1.hash.cymru.com has address 184.108.40.206
smf at laptop-smf:~$ host ns2.hash.cymru.com
ns2.hash.cymru.com has address 220.127.116.11
smf at laptop-smf:~$ host -t TXT 18.104.22.168.asn.routeviews.org
22.214.171.124.asn.routeviews.org descriptive text "23028" "126.96.36.199"
smf at laptop-smf:~$ host -t TXT 188.8.131.52.countries.blackholes.us
184.108.40.206.countries.blackholes.us descriptive text "us"
Looks to me like they could do with some extra mirrors particularly in
Europe as my RTT from Zen Internet in the UK is > 150ms
More information about the MailScanner