[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Sobig has a surprise...

To: Steve Postma <spostma@travizon.com>
Subject: Re: [Full-Disclosure] Sobig has a surprise...
From: Florian Weimer <fw@deneb.enyo.de>
Date: Fri, 22 Aug 2003 21:19:39 +0200

Steve Postma <spostma@travizon.com> cites:

> However, the Sobig.F worm has a surprise attack in its sleeve." 

From the web site:

| "As soon as we were able to crack the encryption used by the worm to
| hide the list of the 20 machines, we've been trying to close them
| down", explains Mikko Hypponen.

18 of 20 addresses where known to the AV community since Tuesday.  I
don't know what F-Secure is doing here.

Why don't they publish the list of IP addresses so that people can put
filters on their networks?

*sigh*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Sobig has a surprise...
  - From: "Jamie L Thompson" <jlt@raytheon.com>
- Re: [Full-Disclosure] Sobig has a surprise...
  - From: Michael Scheidell <scheidell@secnap.net>
- Re: [Full-Disclosure] Sobig has a surprise...
  - From: Paul Schmehl <pauls@utdallas.edu>

References:
- [Full-Disclosure] Sobig has a surprise...
  - From: Steve Postma <spostma@travizon.com>

Prev by Date: Re: [Full-Disclosure] Microsoft urging users to buy HarwareFirewalls
Next by Date: [Full-Disclosure] US Governement War3z Server?
Prev by thread: [Full-Disclosure] Sobig has a surprise...
Next by thread: Re: [Full-Disclosure] Sobig has a surprise...
Index(es):
- Date
- Thread