Sobig.f surprise attack today

• Previous message (by thread): Sobig.f surprise attack today
• Next message (by thread): Sobig.f surprise attack today
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

OK... Maybe I'm smoking crack here, but, if they have the list of 20 
machines,
wouldn't it make more sense to replace them with honey-pots that download
code to remove SOBIG instead of just disabling them?

Let's use the virus against itself.  At this point, I think that's a 
legitimate
countermeasure.

Owen


--On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <jdawson at navi.net> 
wrote:

>
> F-Secure Corporation is warning about a new level of attack to be
> unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.
>
> http://www.f-secure.com/news/items/news_2003082200.shtml
>
> Jim
> --
>
> See what ISP-Planet is saying about us!
> http://isp-planet.com/services/wholesalers/flexpop.html
>   __________________________________________________________________
>   Jim Dawson                                     jdawson at flexpop.net
>   Flexpop/Navi.Net                            http://www.flexpop.net
>   618 NW Glisan St. Ste. 101                      v. +1.503.517.8866
>   Portland, Or  97209 USA                         f. +1.503.517.8868
>   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>

• Previous message (by thread): Sobig.f surprise attack today
• Next message (by thread): Sobig.f surprise attack today
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]