[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Sobig has a surprise...
- To: "'Florian Weimer'" <fw@deneb.enyo.de>, Steve Postma <spostma@travizon.com>
- Subject: RE: [Full-Disclosure] Sobig has a surprise...
- From: Andrews Carl 448 <Carl.Andrews@crackerbarrel.com>
- Date: Fri, 22 Aug 2003 15:28:31 -0500
If you don't already have it by now, here are the addresses:
http://vil.nai.com/vil/content/v_100561.htm
-----Original Message-----
From: Florian Weimer [mailto:fw@deneb.enyo.de]
Sent: Friday, August 22, 2003 2:20 PM
To: Steve Postma
Cc: 'full-disclosure@lists.netsys.com'
Subject: Re: [Full-Disclosure] Sobig has a surprise...
Steve Postma <spostma@travizon.com> cites:
> However, the Sobig.F worm has a surprise attack in its sleeve."
From the web site:
| "As soon as we were able to crack the encryption used by the worm to
| hide the list of the 20 machines, we've been trying to close them
| down", explains Mikko Hypponen.
18 of 20 addresses where known to the AV community since Tuesday. I
don't know what F-Secure is doing here.
Why don't they publish the list of IP addresses so that people can put
filters on their networks?
*sigh*
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html