Home page logo
/

nanog logo nanog mailing list archives

Re: BlackWorm infected IP's reporting
From: Martin Hannigan <hannigan () world std com>
Date: Wed, 25 Jan 2006 03:20:32 -0500 (EST)




Hi.

In the next day or so some of us will cooperate to bring to the 
attention of all effected AS's information about infected users in their 
net-space.

That would be "affected". 

This will be coordinated with several groups and organizations. Please 
expect these emails, thanks.

In other words, NANOG is a step child of these and we'll only see
the PR? If you're going to keep the mitigations off of NANOG, it's
probably safe to keep it all off. We all read newspapers, blogs, and
slashdot. 

I'll post my pre-94 copy of the Compuserve Directory if someone can
prove this story didn't come from this list:

http://www.eweek.com/article2/0,1895,1915070,00.asp

SANS has it, but they aren't being authoritative about it, quoting
elsewhere:

http://isc.sans.org/diary.php?storyid=1067

I'd love to see the US authoritative sources jump in on these
and advise us to cough up our dimes for the dances or not.

-M<


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault