|
Full Disclosure
mailing list archives
Re: Anybody know what Sobig.F has downloaded?
From: "Brent J. Nordquist" <b-nordquist () bethel edu>
Date: Mon, 1 Sep 2003 15:08:50 -0500 (CDT)
On Sat, 23 Aug 2003, Nick FitzGerald <nick () virus-l demon co uk> wrote:
it seems all the "contact list" machines were disconnected from the
Internet about an hour before "come and get it" time. One hopes this
was done cluefully after certain important forensic evidence had been
appropriately gathered, or at least was known to then be present on the
machines and the machines were suitably secured for forensic analysis.
Has anyone heard anything more about that second stage; whether any of it
was recovered, what it was supposed to be? I can't find anyone talking
about it; I thought this would be big news.
--
Brent J. Nordquist <b-nordquist () bethel edu> N0BJN
Other contact information: http://kepler.acns.bethel.edu/~bjn/contact.html
* Fast pipe * Always on * Get out of the way - Tim Bray http://tinyurl.com/7sti
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- Re: Anybody know what Sobig.F has downloaded? Brent J. Nordquist (Sep 01)
| 
Intro
