<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Full Disclosure: URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?

URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?

From: Alain Fauconnet <alain_at_ait.ac.th>
Date: Fri, 18 Feb 2005 08:01:27 +0700

Hello List,

Does anyone have a list of query URLs used by W32/MyDoom-O
(Sophos name: http://www.sophos.com/virusinfo/analyses/w32mydoomo.html)
to dig e-mail addresses from search engines?

Are these specific enough that there's a chance to catch them in the
config of a web proxy (e.g. Squid) and avoid being "blacklisted" by
the search engines? (seems to me that Google temporarily blacklists
IPs that drown them under such requests)

Greets,
_Alain_
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Feb 18 2005

This message: [ Message body ]
Next message: Anders Breindahl: "Re: New Internet Explorer Beta"
Previous message: Gadi Evron: "The Security Forum - meeting #8 -20/2/05"
Next in thread: Patrick Nolan: "RE: URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?"
Reply: Patrick Nolan: "RE: URLs used by W32/MyDoom-O (aka .AX, .BB) to query search engines?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]