Home page logo

nanog logo nanog mailing list archives

Re: Sobig.f surprise attack today
From: Owen DeLong <owen () delong com>
Date: Fri, 22 Aug 2003 11:27:52 -0700

OK... Maybe I'm smoking crack here, but, if they have the list of 20 machines,
wouldn't it make more sense to replace them with honey-pots that download
code to remove SOBIG instead of just disabling them?

Let's use the virus against itself. At this point, I think that's a legitimate


--On Friday, August 22, 2003 11:01 AM -0700 Jim Dawson <jdawson () navi net> wrote:

F-Secure Corporation is warning about a new level of attack to be
unleashed by the Sobig.F worm today. Supposed to take place at 1900 UTC.



See what ISP-Planet is saying about us!
  Jim Dawson                                     jdawson () flexpop net
  Flexpop/Navi.Net                            http://www.flexpop.net
  618 NW Glisan St. Ste. 101                      v. +1.503.517.8866
  Portland, Or  97209 USA                         f. +1.503.517.8868

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]