Impending (mydoom) DOS attack

• Previous message (by thread): MyDoom statistics (was Re: Impending (mydoom) DOS attack)
• Next message (by thread): Impending (mydoom) DOS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Friday 30 January 2004 01:18 pm, bcm wrote:
> Is anyone taking any special precautions given the potential for a sudden
> increase in aggregate packets per second across your networks come Sunday
> afternoon when the original Mydoom virus enters into its DOS phase?
>
> Does anyone know if the virus' assault will be slowed if it is unable to
> reach www.sco.com?  I am hoping that if it cannot reach SCO's site that the
> HTTP GET command will be slow in returning, effectively reducing the volume
> of traffic a single PC is capable is generating.  I am having a difficult
> time artificially forcing the virus to start its attack in a lab
> environment, so I am unable to confirm this.
>
> Any input would be appreciated.  Thanks!

I think we should help out SCO by creating new wildcard entries into our DNS 
servers that point *.sco.com to 127.0.0.1 as well as blackholing all SCO 
SWIPd IP Address Space.

<a****le mode>
We should also never remove the above.
</a****le mode>

-- 
Donovan Hill
Electronics Engineering Technologist, CCNA
www.lazyeyez.net, www.gwsn.com

• Previous message (by thread): MyDoom statistics (was Re: Impending (mydoom) DOS attack)
• Next message (by thread): Impending (mydoom) DOS attack
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]