Remember months ago when the pushdo bot targeted forum.defcon.org? Well it is still at it. Our automatic firewall script blocks all the activity, and a side effect is gathering all the IP addresses of the pushdo hosts trying to connect to us. Currenty we are tracking over 30,000 IP addresses. I expected the number to decline over time, but it has been very stable.

Now what to do with them? Anyone know of a good research project in need of the data?