RE: dealing with w32/bagle

We created bogus DNS entries for the following entries, known to be

targeted by the worm:

For what its worth ns{1,2,3,4} will answer for the wormy
domains with to help mitigate phone-home traffic.

I just registered (some appear to be registered while others are
not) with the proper name servers and it should be visible worldwide along
the normal timeline. Parties with control over the other mentioned domains
or end user resolution are more than welcome to point them our way.

We'll be generating some statistical data on DNS traffic and summarizing for
anyone interested.