RE: sobig.F

["David Gillett" <gillettdavid () fhda edu>]

  Well, early release notes from the developer (I'm being 
facetious, folks!) suggest that best results will come from
educating users, blocking or shutting down unused ports and
services, and installing something like MIME-defang to 
filter/block executable attachments at the email server.
Making sure antivirus is kept up to date on every machine
wouldn't hurt.

  (No, really.  The scary stuff I've seen about "next Sobig 
version" is not based on any hard information, only on
speculation about how much worse it could be made.  The
simple measures above, if more widely adopted, would have
significantly reduced the impact of the current outbreak.)

David Gillett

> -----Original Message-----
> From: Shankara Narayanan [mailto:ssn () zeeaccess com]
> Sent: August 26, 2003 21:41
> To: Security-Basics
> Subject: sobig.F
>
>
> Hi list,
>
> Hearing scary news about next Sobig version... how to control 
> it , any tips
> would be appriciated.
>
> Thanks in advance.
>
> Shankar
>
> -- 
> Outgoing mail is certified Virus Free.
> Checked by AVG Anti-Virus (http://www.grisoft.com).
> Version: 7.0.167 / Virus Database: 259.11.3 - Release Date: 8/19/03
>  

---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Federal, September 29-30 (Training), 
October 1-2 (Briefings) in Tysons Corner, VA; the world's premier 
technical IT security event.  Modeled after the famous Black Hat event in 
Las Vegas! 6 tracks, 12 training sessions, top speakers and sponsors.  
Symantec is the Diamond sponsor.  Early-bird registration ends September 6.Visit us: www.blackhat.com
----------------------------------------------------------------------------