Not really exciting, but I found it interesting anyway. I usually see traffic giving IRC bots on campus instructions to scan and exploit various vulnerabilities. Today I got one that was trying to pass on malware using, predictably, a MySpace picture request:
:sv-5.s3cr3t.net 332 [A07|USA|37152] ##vap1d## :.aim I was going to put this pic of us on
myspace. Is that ok with you? A H - REF="http://www.do not follow.dk/includes/picture-
ustogether.002.com">http://myspace/userphotos/us-together/picture-ustogether.002.jpg:sv-5.s3cr3t.net 333 [A07|USA|37152] ##vap1d## H0AX 1168997693
I broke up the HTML so it would display properly. Not sure what the second command string does, the H0AX one.
