Sobig.f surprise attack today
Owen DeLong
owen at delong.com
Fri Aug 22 18:27:52 UTC 2003
OK... Maybe I'm smoking crack here, but, if they have the list of 20
machines,
wouldn't it make more sense to replace them with honey-pots that download
code to remove SOBIG instead of just disabling them?
Let's use the virus against itself. At this point, I think that's a
legitimate
countermeasure.
Owen
--On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <jdawson at navi.net>
wrote:
>
> F-Secure Corporation is warning about a new level of attack to be
> unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.
>
> http://www.f-secure.com/news/items/news_2003082200.shtml
>
> Jim
> --
>
> See what ISP-Planet is saying about us!
> http://isp-planet.com/services/wholesalers/flexpop.html
> __________________________________________________________________
> Jim Dawson jdawson at flexpop.net
> Flexpop/Navi.Net http://www.flexpop.net
> 618 NW Glisan St. Ste. 101 v. +1.503.517.8866
> Portland, Or 97209 USA f. +1.503.517.8868
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
More information about the NANOG
mailing list